1994-07-07 - TROJAN HORSE CALLED CHINON

Header Data

From: Random H0Z3R <nobody@c2.org>
To: cypherpunks@toad.com
Message Hash: b5fc15c93306395073bf8aad48c680eb9f643b096801b9e0d312f36843b4e1a5
Message ID: <199407071505.IAA07105@zero.c2.org>
Reply To: N/A
UTC Datetime: 1994-07-07 15:08:12 UTC
Raw Date: Thu, 7 Jul 94 08:08:12 PDT

Raw message

From: Random H0Z3R <nobody@c2.org>
Date: Thu, 7 Jul 94 08:08:12 PDT
To: cypherpunks@toad.com
Subject: TROJAN HORSE CALLED CHINON
Message-ID: <199407071505.IAA07105@zero.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


============================================================================
SUBJECT:  ALERT RAISED ON TROJAN HORSE CALLED CHINON
SOURCE:   Newsbytes via Fulfillment by INDIVIDUAL, Inc.
DATE:     July 1, 1994
INDEX:    [1]
----------------------------------------------------------------------------

  PITTSBURGH, PENNSYLVANIA, U.S.A., 1994 JUL 1 (NB) via INDIVIDUAL, Inc. --
Newsbytes has confirmed that a new "Trojan horse," named the "Chinon" or
"CD-IT" program, is being spread by "unknown hackers" on the Internet.

  Newsbytes confirmed through the Computer Emergency Response Team at
Carnegie-Mellon University in Pittsburgh that the program has been
distributed by unknown persons on the Internet, from which it can be
downloaded. Unlike a virus, a piece of code which hides from users and then
causes destruction, a Trojan horse masquerades as a helpful program, but
then causes damage when downloaded.

  The program alleges to be a shareware utility for PCs that will convert
an ordinary CD-ROM drive into a CD-Recordable device. That is technically
impossible. Instead the program destroys critical system files on a user's
hard drive and can crash the CPU, forcing its user to reboot while
remaining in memory.

  According to a spokesman for CERT, the only remedy now known for infected
computers is a regular back-up of the hard drive. Once the Trojan horse is
activated, there's nothing that can be done except to erase the hard drive
and re-load it from the back-up, losing all work done since the last
back-up. The program is not detected by most anti-viral programs in part
because it's not a virus.

  Word of the program, and efforts to correct it, have spread quickly.
Newsbytes got word through a bulk-mail from an OS/2 newsgroup, the message
originating at the University of Georgia. UGA, meanwhile, apparently
learned of Chinon through Doug Leonard, who spread an alert from the
Sacramento PC Users Group. The original message, in turn, was written by
Mark F. Haven of the US Department of Health & Human Services. The message
to Newsbytes, sent around 4:30 PM Eastern Daylight Time, was confirmed
through a phone call to Terry McGillan at Carnegie-Mellon, who checked with
CERT to make sure the alert was genuine.

  (Dana Blankenhorn/19940701/Press Contact: Terry McGillan, Carnegie-Mellon
University, 412-268-7394)






