Start your day with intelligence. Get The OODA Daily Pulse.
Anti-virus firms have raised the peril index of the Korgo worm up a notch following the spread of several new variants this week. Korgo (aka Padobot) exploits the Microsoft Windows Local Security Authority Subsystem Service (LSASS) vulnerability to spread across vulnerable machines. The same flaw was infamously exploited by the Sasser worm and by a number of less prolific worms since. Kordo has some nasty tricks up its sleeve but the worm is far less prolific than Sasser. The worm was written by the Russian Hangup Team virus group, according to Finnish AV firm F-Secure. All seven variants of the worm are very similar. Full Story