Hacker Tool Targets Windows NT
In the consumer world, folks like Ralph Nader fight for consumer rights by helping pass tough consumer protection laws. Then there's the PC world.
For us, there's a self-proclaimed equivalent: Groups of (mostly teenaged) hackers basking in the glow of computer monitors, who release nasty computer bugs under the guise of strong-arming software makers to get tough on privacy and security.
"We want to raise awareness to the vulnerabilities that exist within the Windows operating system. We believe the best way to do this is by pointing out its weaknesses," says a member of the hacker group the Cult of the Dead Cow who goes by the pseudonym Sir Dystic.
The Cult of the Dead Cow created and released the program Back Orifice last year to the general public at the Las Vegas hacker and security conference DEF CON. The program allows its users to remotely control victims' desktops, potentially undetected.
At this year's conference, on July 9, Sir Dystic says the cult will outdo itself and release Back Orifice 2000. The program, he says, is smaller, nimbler, and twice as nefarious.
Computer security experts question the Cult of the Dead Cow's intent. Releasing a hacking tool like Back Orifice 2000 in the name of safeguarding computer privacy is a bit like the American Medical Association infecting cattle with the deadly e. coli bacteria to inspire food companies to sell healthier meats.
Unlike earlier versions that affected consumers and small businesses, Back Orifice 2000 hits large organizations because it runs on Windows NT systems, which are more used by businesses. Also, the updated program is modular, so users can add additional functions. For example, they could hide files or activate a computer's microphone for real-time audio monitoring, according to Cult of the Dead Cow.
Back Orifice 2000 will also be more difficult to detect via network monitoring programs, according to Sir Dystic. This is because the program can communicate back to the sender by using a variety of different protocols, making it hard to identify.
The group also says it will make the source code available for Back Orifice 2000, which will likely spawn multiple strains of the program in the hacker community, experts say.
Another purported function is real-time keystroke-logging, which can record and transmit a record of every keystroke of an infected computer. Also, the recipient can view the desktop of a targeted computer in real time.
It should be noted that PC World Online has no independent confirmation that new Back Orifice 2000 program actually lives up to the claims of Cult of the Dead Cow.
"We will be closely monitoring DEF CON to see what Back Orifice 2000 has in store for us," says Andrew Maguire, a product manager with Network Associates, which markets security and antivirus products. The company promises to provide customers with software protection for Back Orifice 2000, as it did with the original Back Orifice, if and when the program is released.
In the past, Microsoft has downplayed the risk of Back Orifice. The program poses no threat to users who follow what the company considers safe computing practices, according to the company.
Other computer security experts say the impact of Back Orifice 2000 is minimal. "I don't worry about programs that receive this kind of fanfare because everybody knows about them," says Daniel Cohen, president of Strategic Microsystems. "We worry about the ones nobody is bragging about."
Back Orifice 2000 is classified as a Trojan horse program. These programs are generally destructive and are hidden inside e-mail attachments, games, utilities, or any executable application. When run, a Trojan horse tries to do something harmful to your computer under the pretense of being useful.
Security experts are worried about the proliferation of easy-to-use software tools that make it simpler for inexperienced hackers to break into sites. These so-called script kiddies, who use ready-made hacking software downloaded from the Internet, are creating a diversion from attacks made by more serious hackers, say experts.
Thousands of hacking programs are available on the Internet. Back Orifice is simply the most famous, Maguire says.
It's difficult to estimate how much damage hackers actually do. Some experts suggest it is overstated by a computer industry eager to sell safety services. Also, experts estimate 80 percent of hacking comes from within a corporation rather than from outside attacks.
The upside of the teeming thousands of amateur hackers is that their prodigious efforts to hack into sites have forced software companies to provide security plugs and repairs to targeted software flaws, Cohen says.