Security experts claimed that a CNNMoney report today in the US on the latest strain of the Rinbot worm overhyped the destructive power of the malware.
The report came on the back of an infection of the network belonging to CNN’s parent company, Time Warner. The CNN article claimed that “the latest strains of the insidious Rinbot computer virus could hijack network systems of businesses worldwide.”
But Ken Dunham, director of the Rapid Response Team for VeriSign’s iDefense, said that Rinbot is “just one of thousands of bots crawling the internet today.”
“This doesn’t even hardly show up on the radar screen,” Dunham told SCMagazine.com.
According to the report by CNN, the latest variant of Rinbot targets antivirus programs from companies such as Symantec.
"Traditionally hackers always went after Microsoft's anti-virus programs. But now they're increasingly targeting other commonly used programs such as Symantec programs and others," Graham Cluley, senior technology consultant with Sophos, told CNN.
While Symantec confirmed to CNN that code in the latest strain of RINBOT indicated a targeted attack, it said that its Security Response team rates the virus risk as Low.
"In order to close off the vulnerability itself, a patch was made available to customers in May 2006,” a Symantec spokesperson said in a statement later in the day. "Customers who have followed intelligent patching practices should not be affected by the new variant.”
To further protect customers, today Symantec also released certified definitions containing detection for the latest strain of the worm, W32.Rinbot.L.
Dunham agreed with Symantec’s assessment of the severity of Rinbot. He said that iDefense has seen zero reports of this newest strain of the worm.