Symantec Warns Korgo Virus Is Getting Serious

Gretchen Gallen
BERLIN – The newest computer virus to hit worm-riddled cyberspace is Korgo (W32.Korgo), a worm that is so far isolated to parts of Germany but capable of targeting personal bank and credit card information without any involvement from a user, authorities said Thursday.

U.S. security firm Symantec issued a warning that the Korgo.F variant is becoming a serious threat. Korgo was first spotted on May 25.

According to cyber security experts, Korgo is strikingly similar in its codification to the Sasser virus and its subsequent variants. Sasser hit the web in May and swiftly crippled hundreds of big-name business networks and infected millions of computers.

Like many computer viruses that left their indelible mark on the Internet community before Korgo, the virus is rooted in a security loophole in Microsoft's Windows operating system. Operating systems that are particularly vulnerable are Windows 98, Me, NT, 2000 and XP. The virus does not infect Mac-based operating systems.

The Federal Office for Security in Information Technology based in Bonn issued a security warning this week on the dangers of Korgo, which does not rely on users to open an attachment or an email in order to launch an attack. The worm's primary function, say experts, is to hunt out online banking passwords and credit card numbers. The worm can enter through a back door unless a user deliberately applies a patch.

"This backdoor functionality could result in a loss of confidential data and may also compromise security settings," said Kevin Isaac, Symantec Regional Director for the Middle East and Africa. "This threat is another strong example of why it is critical for computer users to be diligent in applying security patches, keeping virus definitions updated, and following best practices."

Due to a rise in reported incidents of Korgo, Symantec has raised its warning response level from a Level 2 to a Level 3.

Microsoft has reportedly already made Korgo patches available to users but does not believe the virus will spread as quickly or as widely as Sasser.

Symantec is recommending that users implement a more "integrated" approach to network security because of the increase in worms designed to invade user privacy and confidentiality.

According to a recent report form a software security firm, the amount of new viruses released in the month of May alone hit a two-and-a-half-year high. Those viruses included Sasser, Netsky-Z, Sober-G, Bagle-AA, and Lovgate-V.