Bobax Worm Turns Computers Into Spam Zombies

Virus researchers at Sophos are warning users about a new internet worm which is capable of turning infected computers into spam factories and launchpads for denial-of-service attacks against websites.

The Bobax-A worm (W32/Bobax-A) uses the Microsoft security vulnerability exploited by the recent Sasser worm to break into computers, enabling attackers to gain full control of the infected PC.

“Worms like Bobax are gold dust to spam gangs – giving them an easy way to build up a network of innocent computers to send their spam from,” said Graham Cluley, senior technology consultant for Sophos. “Computer users who have not properly protected their PCs with anti-virus updates, firewalls and Microsoft’s security patch are asking for trouble.”

As the Bobax worm travels via the internet or connected computers by exploiting a vulnerability described in Microsoft Security Bulletin MS04-011, users do not have to launch an email attachment to be infected.

“If computers users take no action and simply keep their fingers crossed, they shouldn’t be surprised if their computers turn into ‘zombies’, launching thousands of spam messages at other internet users,” continued Cluley.

Sophos anticipates that the impact of the Bobax worm will be limited because of the large number of people who have already applied the Microsoft patch and reconsidered their firewall protection since the Sasser outbreak, but urges users not to be complacent.