To install click the Add extension button. That's it.

The source code for the WIKI 2 extension is being checked by specialists of the Mozilla Foundation, Google, and Apple. You could also do it yourself at any point in time.

How to transfigure the Wikipedia

Would you like Wikipedia to always look as professional and up-to-date? We have created a browser extension. It will enhance any encyclopedic page you visit with the magic of the WIKI 2 technology.

Try it — you can delete it anytime.

Install in 5 seconds
4,5
Kelly Slayton
Congratulations on this excellent venture… what a great idea!
Alexander Grigorievskiy
I use WIKI 2 every day and almost forgot how the original Wikipedia looks like.
Live Statistics
English Articles
Improved in 24 Hours
Added in 24 Hours
Languages
Recent
Show all languages
What we do. Every page goes through several hundred of perfecting techniques; in live mode. Quite the same Wikipedia. Just better.
Great Wikipedia has got greater.
.
Leo
Newton
Brights
Milds

Agent.BTZ

From Wikipedia, the free encyclopedia

Agent.btz
Common nameAgent.btz
Aliases
Author(s)Unknown
This article is about the worm. For the Trojan infecting Windows, Android, and other operating systems, see Agent.AWF.

Agent.BTZ, also named Autorun,[1][2] is a computer worm that infects USB flash drives with spyware. A variant of the SillyFDC worm,[3] it was used in a massive 2008 cyberattack on the US military, infecting 300,000 computers.

YouTube Encyclopedic

  • 1/3
    Views:
    226 415
    128 978
    249 194
  • 15 Worst Computer Viruses in History
  • 10 Worst Computer Viruses Of All Time
  • Difference Between Viruses, Worms and Trojans

Transcription

From holding your files ransom to grounding military aircraft, we count 15 of the worst and most damaging computer viruses in history. Number 15 In September 2013 Dell SecureWorks first observed a ransomware Trojan infecting Microsoft Windows. CryptoLocker spread via email attachments and an existing botnet. After encrypting files on the infected PCs, the virus would then display a message that offered to decrypt the data for a payment in either Bitcoin or pre-paid cash voucher. Operation Tovar, an international collaboration, managed to isolate CryptoLocker in May 2014. Never the less, the creators were believed to have extorted around $3 million. Number 14 In 2001 a Dutch programmer created a worm virus, which tricked recipients into opening a message that strongly suggested they would get a personal glimpse of Anna Kournikova. The tempted recipients would then trigger a malicious program that plundered their Outlook address book. The virus would then forward itself to every address it found. The flood of emails it unleashed paralysed servers all over the world. It became so notorious it even featured in an episode of Friends. Number 13 Created by a 17 year old boy named Sven Jaschan and released on his 18th Birthday, Sasser and Netsky were first discovered in 2004. Sasser attacked through a Microsoft Windows security weakness making it difficult to use and shutdown a PC, while Netsky went through emails with spoofs, causing DoS attacks through huge volumes of traffic. Sven later claimed to have written the Netsky worms in order to remove infection of the MYDOOM virus from victims computers. On July 8 2005, he received a 21 month suspended sentence. He later received 3 years probation and 30 hours community service in a retirement home. Number 12 Appearing first in October 2001, the Klez virus spread through emails. There were a number of variants that plagued the internet for several months, some acting as worms and some as trojans. It could disable anti-virus software and then pose as a virus-removal tool. As it spread some hackers adapted it to be more effective. It ransacked address books and could be programmed to spam recipients with multiple emails. Number 11 In 2008 a super virus appeared. Conflicker infected millions of computers worldwide including government, business and home PC's in over 200 countries, making it one of the largest known computer viruses in history. With the ability to crack admin passwords and copy itself to USB drives, it caused considerable panic, as it infected many high security networks including the French Navy, forcing aircraft to be grounded. The UK Ministry of Defence reported it had spread onto NavyStar desktops, aboard Royal Navy warships and submarines. Number 10 CIH, also known as Chernobyl, first appeared in 1998. It is one of the most damaging viruses, overwriting information and in most cases overwriting the system BIOS. The virus was spread via an infected firmware update to Yamaha CD drives and a demo version of the Activision game SiN. Causing damages in the region of $1 billion, the virus is still around although it only infects Windows 95, 98 and ME. Number 9 Just one week after the events of 9/11, a new virus emerged. Nimda (admin spelt backwards) was the fastest replicating attack of its time. Becoming the internet's most widely spread worm within just 25 minutes of its release. It slowed down entire networks, causing many systems to crash entirely. Due to the timing of it discovery, it has been speculated that it was created by a government or terrorist organisation. Number 8 In general most MAC users feel relatively relaxed about the safety of their machines. Because Apple produce both hardware and software, the systems are far more closed than PCs. However in 2006 hackers got in through the iChat instant messaging program, with a corrupted file that looked like an innocent JPEG. As MACs become more common place, expect more attacks on their integrity. Number 7 Surfacing in 2007, Storm Trojan infected thousands of computers. Users would be lured into opening emails with subjects such as '230 dead as storm batters Europe' and 'Naked teens attack home director'. Once the attachment was opened the Trojan implanted a service that passed data to other infected computers, each becoming a zombie in a botnet, a huge global network of computers enslaved by Storm Trojan. Each computer attempting to infect others with the aim to control the processing power of every single PC on the planet. It was eventually contained but only after millions of man hours trying to halt its activity. Number 6 Created by David L Smith who named it after a Miami based stripper, Melissa was ironically not designed to create harm. However it spread so quickly that it overloaded servers. Melissa was spread via a file that contained passwords for 80 pornographic websites to a Usenet group called alt.sex. As soon as the email recipient opened the file it would attempt to email itself to the first 50 email addresses it could take from the computer. The FBI reported it as 'wreaking havoc on government and private sector networks'. Smith was fined $5,000 and served 20 months in jail. Number 5 In 2003 SQL Slammer, also known as Sapphire hit the net. Doubling its infections every few seconds, the Slammer virus infected nearly half the internet servers in just 15 minutes. Its main targets were companies running SQL servers. Amongst many other high profile victims, it managed to bring down the Bank of America's ATM system, disrupted part of Seattle's emergency services and caused Continental Airlines to cancel several flights. Causing damages in the region of $1.2 Billion and infecting 200,000 PC's. Number 4 In the summer of 2001 two employees at eEye Digital Security discovered a new virus. While drinking Code Red Mountain Dew at the time, they decided to call this new virus, Code Red. The virus defaced many websites with the message 'Hacked By Chinese'. Causing damages of $2.6 Billion and infecting over 1 Million PCs, this virus would launch DDOS attacks on several fixed IP addresses. The highest profile victim being the White House. Number 3 If you received an email labelled 'I LOVE YOU', would you open it? Well, over 500,000 people did. In the year 2000 this virus surfaced just after Melissa hit computers world-wide. It was a standalone programme sent via email with the title I LOVE YOU. The virus would email itself to the first 50 contacts in the users address book and embed itself deep into the computer copying itself many times. It would then download a file that stole passwords and secretly emailed the information to hackers. Causing damages of $15 Billion doesn't seem very loving. Number 2 The SOBIG virus is considered one of the most destructive worms of its time. With many variants, none were more destructive than SOBIG.F. With damages in the region of $37.1 Billion. This worm appeared only a little more two weeks before Slammer and infected over 2 Million PCs world-wide. Sending itself in emails from '[email protected]' SOBIG.F spread faster than any other email worm prior. Even with a bug in its code preventing local network infection, it managed to bring freight and computer traffic to a halt in Washington DC and grounded many of Air Canada's flights. Number 1 The aptly named MYDOOM was the fastest spreading virus of all time and in February 2004 it was estimated to be infecting 1 in 12 emails with 100,000 interceptions taking place every hour. It spread through email and peer-to-peer networks enabling it to dig deep into the web. It manifested through an email attachment with titles such as 'Mail Delivery System' or 'Mail Transaction Failed'. Naturally many people opened the attachment. Its aim was to assault Google, AltaVista and Lycos and at its peak managed to shut down Google for almost an entire day. Infecting over 2 Million PCs and causing damages of around $38 Billion. They never found the creator. So with thousands of new computer viruses being discovered every day, many people wonder 'Who is creating them?' While others simply wonder 'Who is making money from them?' As always thanks for watching.

Technical description

The Agent.BTZ worm is a DLL file, written in assembler (x86-32 bit).[4] It spreads by creating an AUTORUN.INF file to the root of each drive with the DLL file.[5] It has the ability "to scan computers for data, open backdoors, and send through those backdoors to a remote command and control server."[3]

History

Main article: 2008 cyberattack on United States

In 2008, at a US military base in the Middle East, a USB flash drive infected with Agent.BTZ was inserted into a laptop attached to United States Central Command. From there it spread undetected to other systems, both classified and unclassified.[6] In order to try and stop the spread of the worm, the Pentagon banned USB drives and removable media devices. They also disabled the Windows autorun feature on their computers.[3] The Pentagon spent nearly 14 months cleaning the worm from military networks.[3]

Attribution

Chinese hackers were thought to be behind the attack because they had used the same code that made up Agent.BTZ in previous attacks.[7] According to an article in The Economist, "it is not clear that agent.btz was designed specifically to target military networks, or indeed that it comes from either Russia or China."[8] An article in the Los Angeles Times reported that US defense officials described the malicious software as "apparently designed specifically to target military networks." It's "thought to be from inside Russia", although it was not clear "whether the destructive program was created by an individual hacker or whether the Russian government may have had some involvement."[9]

In 2010, American journalist Noah Shachtman wrote an article to investigate the theory that the worm was written by a single hacker.[3] Later analyses by Kaspersky Lab found relations to other spyware, including Red October, Turla, and Flame.[10]

In December 2016, the United States FBI and DHS issued a Joint Analysis Report which included attribution of Agent.BTZ to one or more "Russian civilian and military intelligence Services (RIS)."[11]

References

  1. ^ Shevchenko, Sergei (30 November 2008). "Agent.btz - A Threat That Hit Pentagon". ThreatExpert Blog. Retrieved 14 December 2016.
  2. ^ "W32/Autorun.worm.dw - Malware". McAfee Labs Threat Center. 21 November 2008. Retrieved 14 December 2016.
  3. ^ a b c d e Shachtman, Noah (25 August 2010). "Insiders Doubt 2008 Pentagon Hack Was Foreign Spy Attack". Wired. Retrieved 14 December 2016.
  4. ^ "Agent.BTZ - Virus Information". Panda Security. Retrieved 14 December 2016.
  5. ^ "Worm:W32/Agent.BTZ Description". F-Secure Labs. Retrieved 14 December 2016.
  6. ^ William J. Lynn III. "Defending a New Domain". Foreign Affairs. Retrieved 2010-08-25.
  7. ^ Leyden, John (20 November 2008). "US Army bans USB devices to contain worm". The Register. Retrieved 14 December 2016.
  8. ^ "The worm turns". The Economist. 4 December 2008. Retrieved 14 December 2016.
  9. ^ Barnes, Julian E. (28 November 2008). "Pentagon computer networks attacked". Los Angeles Times. Retrieved 14 December 2016.
  10. ^ Gostev, Alexander (12 March 2014). "Agent.btz: a Source of Inspiration?". Securelist. Retrieved 19 May 2020.
  11. ^ "GRIZZLY STEPPE – Russian Malicious Cyber Activity" (PDF). US CERT. Retrieved 2 March 2017.
This page was last edited on 8 February 2023, at 17:27
Basis of this page is in Wikipedia. Text is available under the CC BY-SA 3.0 Unported License. Non-text media are available under their specified licenses. Wikipedia® is a registered trademark of the Wikimedia Foundation, Inc. WIKI 2 is an independent company and has no affiliation with Wikimedia Foundation.
Contact WIKI 2
Introduction
Terms of Service
Privacy Policy