Zombie code infects PCs running Win98

Zombie code infects PCs running Win98

By William Jackson

GCN Staff

Trojan horse programs similar to those believed responsible for a series of high-profile service-denial attacks last month have now appeared on desktop computers running Microsoft Windows 98.

The original programs, dubbed Tribal Flood Network, or TFN, and Trin00, exploit vulnerabilities of the SunSoft Solaris operating system. A hacker can hide them on a compromised server and activate them remotely to launch a coordinated, distributed attack.

Similar programs recently have appeared on servers running Windows NT.

But about 150 PCs running Win98 at James Madison University are the first desktop PCs found infected and possibly hijacked for use in zombie attacks.

The adaptation to Win98 is significant, said Patrick Taylor, vicepresident of the risk assessment group of Internet Security Systems Inc. of Atlanta.

Although its technical sophistication is not great, the Win98 agent, named Wintrin00, 'brings in a whole different league of computers that can be zombies,' he said.

The university's PCs apparently were infected through e-mail attachments. The Trojan horse was not self-replicating, so planting it would have been relatively labor-intensive.

A PC can't generate as much service-denial traffic as a server can. But because of the large number of systems that run Win98 and the growing number with always-on network connections, 'the level of protection on all computers, not just your big servers, is important,' Taylor said.


  • business meeting (Monkey Business Images/Shutterstock.com)

    Civic tech volunteers help states with legacy systems

    As COVID-19 exposed vulnerabilities in state and local government IT systems, the newly formed U.S. Digital Response stepped in to help. Its successes offer insight into existing barriers and the future of the civic tech movement.

  • data analytics (Shutterstock.com)

    More visible data helps drive DOD decision-making

    CDOs in the Defense Department are opening up their data to take advantage of artificial intelligence and machine learning tools that help surface insights and improve decision-making.

Stay Connected