Sasser worm
hits Hawaii
Hawaii computer users yesterday were given another reason to hate Monday, waking up to find their computers crashed by the Sasser virus that spread worldwide over the weekend.
The virus, which exploits a security flaw in certain Microsoft Windows operating systems, attacked computers that had failed to take much-publicized precautions announced by Microsoft April 12.
The worm infected hundreds of thousands of computers over the weekend and yesterday, from corporate networks to home PC users. Local computer-services firms said larger networks in Hawaii seem to have applied the security patch and were generally unaffected, and that home users and small businesses bore the brunt.
"It's hitting the small-fry user and small businesses," said James Kerr, president of SuperGeeks, which stayed busy through the weekend fixing a steady stream of crashed computers.
While it caused headaches for many, the Sasser worm is generally less destructive than the Blaster and other past worms. It spreads from an infected computer to another by automatically scanning Internet addresses in an infected computer and looking for a vulnerable PC to infect, requiring no interaction by the user.
Once inside, it continually crashes computers but does not necessarily destroy data.
The SANS Internet Storm Center, which tracks worms and viruses, said four different strains of the worm had affected 500,000 computers worldwide as of yesterday.
One of those belonged to John Ballesteros, whose Honolulu-based online surfwear business Bald Clothing was paralyzed all weekend and into yesterday.
"It's been a good lesson on the need to keep your anti-virus software up to date," he said.
By yesterday afternoon, the outbreak had leveled off worldwide and PC users appeared to be eradicating it.
However, Kerr warned that an e-mail was making the rounds claiming to offer a Sasser "fix" that really contains a version of the e-mail-clogging Netsky virus.
The author of the Netsky worm, which was first unleashed in February, has claimed responsibility for both viruses. The author's identity is unknown.
Kerr said most computer users should be able to fix a Sasser-crashed computer themselves, but that it requires access to another, unaffected, computer so that instructions and tools can be downloaded from a user's anti-virus software provider.