Approximately 1,400 Australian Internet accounts have been compromised by the Back Orifice cracker program, which creates a backdoor monitoring system on unsuspecting Windows 95 and Windows 98 users.
"Internet users around Australia, including individuals and organizations, have unwittingly downloaded this program, which is usually disguised as a legitimate program such as a game, joke, or email attachment," said Brisbane-based Net security firm Shake Communications in a statement.
Once installed on a target machine, Back Orifice, a miniature server that hides itself on a hard drive, allows a cracker to obtain access to user-ID information, system passwords, files, and corporate networks.
Shake scanned 92 Australian ISPs and found that 79 percent were unwittingly infected with the Back Orifice server. Using the program, Shake was also able to obtain user IDs and passwords to 791 dialup ISP accounts, 31 accounts on educational institutions including universities and private schools, 85 accounts on company Web sites and subscription-based services, and 493 accounts to pornography Web sites.
Hacker collective Cult of the Dead Cow released Back Orifice in August to bring attention to what they said was poor security in Microsoft's operating system software. The program allows a malicious user to remotely control and monitor any computer running Windows 95 or 98 over a network. It also opens up a cornucopia of security and privacy holes without the user even knowing it is there.
Upon hearing today's news, Karan Khanna, the lead product manager for Windows NT at Microsoft, said that Back Orifice is just like any other virus and can be detected and treated by most of the major virus protection programs.
