Indian, Pakistani hackers take war to cyberspace
WASHINGTON: Yaha-Q, a variant on the Yaha virus released by hackers from both countries since June last year, has been launched as the latest chapter in the cyber battle, according to a report in IT Management News.com.
Although many anti-virus firms have classified the worm as a low-grade threat, a virus tracker says releasing Yaha-Q as part of a turf war could set a bad precedent for future feuds, especially in times of political and military upheaval.
"The Indian Snakes gang claims that this is not a political spat, rather a battle to establish cyber-crime supremacy," said Chris Wraight, a technology consultant at Sophos, Inc., an anti-virus company based in Lynnfield, Massachusetts.
"It's a shame that this dispute between rival cyber criminals is being fought on computers of innocent computer users. Usually groups like these might bicker in chat rooms or try to bring down each other's websites," Wraight said.
"If this was a quickly propagating virus, everyone could be brought into the fray. Based on world events, there's the possibility that we'll see more of this."
The Indian Snakes released the Yaha-Q variant in retaliation against a group of Pakistani hackers who had defaced some Indian websites. The worm is designed to launch a "denial-of-service" attack against five Pakistani websites.
It also carries a number of messages to the Pakistani hackers, a U.S.-based virus expert said.
The Yaha-Q worm can shut down about 20 different applications, including personal firewalls and anti-virus software, according to Tony Magallanez, a system engineer with Finland-based F-Secure Corp.
It propagates itself through e-mail, picking up addresses from the infected systems' address book.
Sophos' Wraight said the worm triggers a "denial-of-service" attack from each infected system. However Magallanez said the denial-of-service attacks have failed to cause much damage and the worm has been slow to spread.