****************************************W2KnewsFLASH: URGENT-Read this now.****************************************Hi All,Justs got this from SANS an hour or so ago. This is important enoughto forward to the whole list on a rush basis.Warm regards,Stu****************************************Large Criminal Hacker Attack on Windows NT E-Banking and E-Commerce Sites3:00 PM EST, Thursday, March 8, 2001In the largest criminal Internet attack to date, a group of EasternEuropean hackers has spent a year systematically exploiting knownWindows NT vulnerabilities to steal customer data. More than a millioncredit cards have been taken and more than 40 sites have beenvictimized.The FBI and Secret Service are taking the unprecedented step ofreleasing detailed forensic information from ongoing investigationsbecause of the importance of the attacks.The information was released to the SANS community a short time beforeit was made available to the general public so that you can be sure yoursystems are safe.Within a day or two, the Center for Internet Security will release asmall tool that you can use to check your systems for thevulnerabilities and also to look for files the FBI has found present onmany compromised systems - indicating your system may have already beencompromised by the attacker group.The Center's tools are normally available only to members, but becauseof the importance of this problem, the Center agreed to make the newtool, built for the Center by Steve Gibson of Gibson Research) availableto all who need it. Center members have already received an invitationto the conference call this afternoon to get more data on the attack.If your organization is not a member, we encourage you to join in thisimportant initiative to fight back against computer crime. See www.cisecurity.org for a list of members and how to join.AlanAlan PallerDirector of ResearchThe SANS Institute
