A computer virus that targets the popular file-sharing program Winny isn't the most destructive bug or even the most widespread. But it's the most talked about in Japan as it generates headline after headline, month after month.
The malware, called "Antinny," finds random files on Winny users' PCs and makes them available on the file-sharing network. So far, the data leaked have been varied and plentiful: passwords for restricted areas at airports, police investigations, customer information, sales reports, staff lists.
The constantly updated virus seems to have spared no one -- airlines, local police forces, mobile phone companies, the National Defense Agency. Even an antivirus software manufacturer has suffered.
PHOTO: AP
"The virus has been quite effective in getting information off a user's computer and onto the Internet. The data is supposed to be secret, so people are quite sensitive about it," said Tsukuba University computer scientist Kazuhiko Kato.
Compared to attacks on Microsoft Corp's Windows software, the scope of the Antinny outbreak is narrow. But the Winny mess has caused an enormous brouhaha in Japan.
Antinny also may have the dubious distinction of being the first virus to exploit the nature of file-sharing itself -- in Japan, if not in the world, said Mamoru Saito of Telecom Information Sharing and Analysis Center (ISAC) Japan. Other viruses and spyware are often found on such networks, though none appears to take advantage of the underlying technology to spread personal data.
And while Antinny's writers seem to be limiting themselves to Japanese file-sharing software for now, he said, the code theoretically could be modified to attack other file-sharing networks such as Gnutella and BitTorrent.
The outbreak has triggered a broad damage-control effort by government and businesses. They have banned Winny from in-house computers and fired employees who use it on them. They've also demanded that staff not take work home and delete Winny from any home PCs used for work.
"The most secure way to prevent the leakage of information is not to use Winny on your computer," Chief Cabinet Secretary Shinzo Abe, the government's top spokesman, told reporters.
But the outbreak shows little sign of abating.
"The problem has shown that many people just don't know how to use the Internet safely," said Takeshi Sato of the government's National Information Security Center.
File-sharing programs like Winny are used to find and get files -- from music to video to documents -- from the computers of other people also using the software. The PC owner typically has control over what is made available by limiting sharing to a specific folder.
The virus takes advantage of this culture to propagate itself by playing a "social" trick on users, said ISAC Japan's Saito.
When the virus is activated on a computer, it first chooses a new name for itself by taking the names of other files users are likely to be searching for -- usually photos or music. The resulting new name becomes so long that, under normal Windows' settings, the three-letter file extension that indicates the type of file disappears from view, he said.
Careless users who download the file will see only the name and think it is something they wanted -- say, a photo of a favorite movie star. They don't see that they are actually trying to open an application.
When they do, the virus then looks on the computer for the Winny application, grabs random files off the hard drive and uses Winny to make those files -- and itself -- available for download on the network.
And so the cycle repeats.
New strains of Antinny appear all the time. Software maker Trend Micro listed 46 variations of the virus in its database as of mid-May. Trend itself lost sales data due to a Winny leak in 2005.
"Just keeping your antivirus software up to date isn't enough, because the updates can't keep up with all the new strains of the virus," the government's Sato said.
The government's concerns about Winny go beyond viruses. It's often used to share files -- and that often means illegally exchanging copyrighted materials.
Winny was already on the government's radar screen in November 2004, when a user of the program was handed a three-year suspended sentence on charges of violating copyright laws.
But now it is confidential data rather than hit songs that have Winny back in the spotlight.
Japan Airlines, for example, discovered last December that an Antinny-infected computer owned by one of its co-pilots leaked passwords for restricted areas at 16 airports around Japan as well as Guam's international airport. The airline was forced to alert the airports to have passwords changed as a precaution.
GAINING STEAM: The scheme initially failed to gather much attention, with only 188 cards issued in its first year, but gained popularity amid the COVID-19 pandemic Applications for the Employment Gold Card have increased in the past few years, with the card having been issued to a total of 13,191 people from 101 countries since its introduction in 2018, the National Development Council (NDC) said yesterday. Those who have received the card have included celebrities, such as former NBA star Dwight Howard and Australian-South Korean cheerleader Dahye Lee, the NDC said. The four-in-one Employment Gold Card combines a work permit, resident visa, Alien Resident Certificate (ARC) and re-entry permit. It was first introduced in February 2018 through the Act Governing Recruitment and Employment of Foreign Professionals (外國專業人才延攬及雇用法),
WARNING: From Jan. 1 last year to the end of last month, 89 Taiwanese have gone missing or been detained in China, the MAC said, urging people to carefully consider travel to China Lax enforcement had made virtually moot regulations banning civil servants from making unauthorized visits to China, the Control Yuan said yesterday. Several agencies allowed personnel to travel to China after they submitted explanations for the trip written using artificial intelligence or provided no reason at all, the Control Yuan said in a statement, following an investigation headed by Control Yuan member Lin Wen-cheng (林文程). The probe identified 318 civil servants who traveled to China without permission in the past 10 years, but the true number could be close to 1,000, the Control Yuan said. The public employees investigated were not engaged in national
The zero emissions ship Porrima P111 was launched yesterday in Kaohsiung, showcasing the nation’s advancement in green technology, city Mayor Chen Chi-mai (陳其邁) said. The nation last year acquired the Swiss-owned vessel, formerly known as Turanor PlanetSolar, in a bid to boost Taiwan’s technology sector, as well as ecotourism in Palau, Chen said at the ship’s launch ceremony at Singda Harbor. Palauan President Surangel Whipps Jr and Minister of Foreign Affairs Lin Chia-lung (林佳龍) also attended the event. The original vessel was the first solar-powered ship to circumnavigate the globe in a voyage from 2010 to 2012. Taiwan-based Porrima Inc (保利馬) installed upgrades with
ENHANCE DETERRENCE: Taiwan has to display ‘fierce resolve’ to defend itself for China to understand that the costs of war outweigh potential gains, Koo said Taiwan’s armed forces must reach a high level of combat readiness by 2027 to effectively deter a potential Chinese invasion, Minister of National Defense Wellington Koo (顧立雄) said in an interview with the Chinese-language Liberty Times (sister newspaper of the Taipei Times) published yesterday. His comments came three days after US Secretary of State Marco Rubio told the US Senate that deterring a Chinese attack on Taiwan requires making a conflict “cost more than what it’s worth.” Rubio made the remarks in response to a question about US policy on Taiwan’s defense from Republican Senator John Cornyn, who said that Chinese
RSS