TMCnet Feature
October 01, 2013

Fort Disco Variants Taking on E-mail, FTP with Brute Force Attacks

By Steve Anderson, Contributing TMCnet Writer

Malware is one of those ongoing menaces that everyone who uses a computer has a hand in fighting against—or in some cases propagating, either knowingly or unknowingly—but one of the newest threats has started to branch out, and has been spotted in some unusual places. It's the Fort Disco malware, and it's moving into several different systems with the intent of launching brute force attacks against the password structures of said systems.



Fort Disco's origins go back to August, when it was documented by a set of researchers from Arbor Networks, who specialize in distributed denial of service (DDoS) attacks. Arbor Networks' researchers estimated that over 25,000 Windows computers had been infected by Fort Disco, and that Fort Disco has been used to successfully guess administrator passwords on over 6,000 different websites, including those powered by Datalife Engine, Joomla and WordPress.

Once Fort Disco has successfully infiltrated a computer, it then refers back to a larger command and control server for further directions, including a list of targets measuring in the thousands and passwords to try. But perhaps more unnerving is that Fort Disco seems to be evolving, according to word from security researchers in Switzerland who maintain Abuse.ch, a botnet tracking service. Said researchers discovered an offshoot of Fort Disco that wasn't trying to force WordPress credentials, but had instead turned its attention to Post Office Protocol version 3 (POP3). This is the system that allows e-mail clients to connect to servers and retrieve the messages from existing accounts.

The new offshoot behaves in much the same way as the other Fort Disco version, but its command and control server offers domain names and mail exchanger records instead of the administrator accounts of the other variety. There is also a set of e-mail accounts to try, generally in the range of “admin,” “info” or “support” accounts. Shadowserver, another botnet tracking service, also recently noted a breed of Fort Disco targeting FTP accounts in the same fashion.

Brute force attacks, at last report, are nothing new, but are commonly seen with Perl or Python scripts instead of Fort Disco's methodology. Indeed, thanks to this new breed, not only are the attacks coming from several sources at once, but they are also going after unexpected targets like POP3 and FTP.
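Because the guesses arrive from many infected machines at once, counting failures per source address sees very little, while counting distinct sources per mailbox makes the pattern stand out. The Python below is an added example, not code from the article or the researchers it cites; the Dovecot-style log format, the sample lines and the thresholds are constructed assumptions.

```python
import re
from collections import Counter, defaultdict

# Assumed log format: Dovecot-style POP3 login failures. Adjust for your server.
FAILED = re.compile(r"pop3-login: .*auth failed.*user=<([^>]*)>.*rip=([0-9a-fA-F:.]+)")

def _line(sec, user, ip):
    """Build one constructed failed-login line (sample data, not a real log)."""
    return (f"Oct 01 10:00:{sec:02d} mx dovecot: pop3-login: Disconnected "
            f"(auth failed, 1 attempts): user=<{user}>, rip={ip}")

# Constructed sample: generic mailboxes tried once each from many addresses,
# plus one ordinary user mistyping a password twice from a single address.
SAMPLE_LOG = "\n".join(
    [_line(i, "admin", f"203.0.113.{10 + i}") for i in range(5)]
    + [_line(10 + i, "info", f"198.51.100.{20 + i}") for i in range(4)]
    + [_line(20, "alice", "192.0.2.7"), _line(21, "alice", "192.0.2.7")]
)

def failures(log_text):
    """Yield (account, source_ip) for every failed POP3 login line."""
    for line in log_text.splitlines():
        m = FAILED.search(line)
        if m:
            yield m.group(1).lower(), m.group(2)

def per_ip_offenders(log_text, threshold=5):
    """Classic per-source check: addresses with at least `threshold` failures."""
    counts = Counter(ip for _, ip in failures(log_text))
    return {ip: n for ip, n in counts.items() if n >= threshold}

def targeted_accounts(log_text, min_sources=4):
    """Per-account check: mailboxes failing from many distinct addresses."""
    sources = defaultdict(set)
    for user, ip in failures(log_text):
        sources[user].add(ip)
    return {u: len(s) for u, s in sources.items() if len(s) >= min_sources}

if __name__ == "__main__":
    print("per-IP offenders: ", per_ip_offenders(SAMPLE_LOG))
    print("targeted accounts:", targeted_accounts(SAMPLE_LOG))
```

On the sample data the per-source check returns nothing, while the per-account check flags the generic "admin" and "info" mailboxes and leaves the single-source user alone.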

Though some may question just what the impact of something like this is, with increasing numbers of people working on WordPress and the like, it could have a pretty substantial impact indeed beyond the kinds of havoc that can be normally caused by a DDoS attack or the like. E-mail attacks, meanwhile, can be even worse given the sheer amount of possible uses that an e-mail account can have, especially in terms of mobile workers. So a bit of juggling when it comes to passwords—difficult-to-guess passwords, long passwords, passwords that involve multiple types of characters including numbers, letters and punctuation—can have a positive impact on protecting such accounts, and even brute force attacks powered by multiple PCs can have a difficult time succeeding.

Brute force malware attacks can raise havoc with most operations, but being prepared for such attacks can have a very positive result indeed and help protect vital systems.




Edited by Alisen Downey