Lentin worm used in Political attack

Lentin Internet Worm Used in Politically Charged Attack
The official Pakistan government Web site (www.pak.gov.pk) has
apparently been subjected to a politically motivated attack launched by
the latest version of the Lentin Internet worm.

The virus Lentin.e contains a payload designed in part to disrupt the
home page of the Islamic Republic of Pakistan with a rudimentary denial
of service attack.

Yaha causes an infected computer to make repeated connection attempts to
the Pakistan government site. If many computers are infected by the worm
the result can be a DoS (Denial of Service) attack.

Lentin is a mass-mailing worm carried in an infected e-mail attachment.
It arrives with a message containing widely varying subject lines and
body contents. The code is designed to propagate itself to all e-mail
addresses in the victim's Microsoft Windows Address Book, MSN Messenger
List, Yahoo Pager list, and ICQ list. Lentin also attempts to disable
anti-virus and firewall software.

An interesting aspect of the attack on the Pakistan government site is
the nature of the DoS assault itself. Unlike most DoS attacks, which are
usually sudden bursts which overwhelm a server with requests, this
attack, using the Lentin.e worm, was designed to slowly accumulate as
the worm spread, eventually strangling the Pakistani government site
once the worm gained a critical level of victim computers.

For more details about the Lentin (a.k.a. Yaha) worm please go here:
http://www.viruslist.com/eng/viruslist.html?id=49928

 

Pakistan gets their share of hit..at this site left side you can see the ten latest sites compromized and by what group.
http://www.pakcert.org/main.html