Fox News:

The Pentagon has suffered from a cyber attack so alarming that it has taken the unprecedented step of banning the use of external hardware devices, such as flash drives and DVD’s, FOX News has learned.

The attack came in the form of a global virus or worm that is spreading rapidly throughout a number of military networks.

“We have detected a global virus for which there has been alerts, and we have seen some of this on our networks,” a Pentagon official told FOX News. “We are now taking steps to mitigate the virus.”

The official could not reveal the source of the attack because that information remains classified.

————————————-

News.com.au:

The US military has banned the use of flash drives and DVDs on its computers as it tries to combat a virus spreading rapidly through its networks.

The Pentagon ordered an unprecedented ban on all external hardware but refused to comment on the source of the attack, saying such information was classified.

“We have detected a global virus for which there has been alerts, and we have seen some of this on our networks,” a Pentagon official told Fox News.

“We are now taking steps to mitigate the virus.” …

An email sent to military personnel identified the problem as being caused by a virus called Agent.btz, Wired.com reports.

The virus is a variation of the “SillyFDC” worm, which has been around since about 2005 and spreads by copying itself to flash drives and then replicates onto any computer that device is plugged into.

Agent.btz originated in China, according to ThreatExpert. Spyware Doctor is reported to be capable of eliminating it.

And to the production of computer viruses.

In the Netherlands, private enterprise has found it.

On March 14 I reported finding it impossible for several days, since around March 10 or 11, to access the Volokh Conspiracy Blog at its conventional address: www.volokh.com.

Clearly, my experience with this problem is not unique, since Glenn Reynolds blogged about this yesterday (March 18).

Professor Reynolds kindly supplies a solution which saves all of us affected the necessity of logging into our computers in Safe Mode and searching the Registry for a corrupted Host file.

All one needs to do is use Volokh.Powerblogs.Com instead.

Hat tip to Walter Olson.

Last Saturday, I clicked on an Instapundit link to a Volokh posting, and got the traditional MS Explorer negative page-not-found response.

The page cannot be displayed

The page you are looking for is currently unavailable. The Web site might be experiencing technical difficulties, or you may need to adjust your browser settings.

Even important blogs have technical difficulties, so I simply shrugged and made a mental note to try again later.

But when the problem was still there on Monday, I concluded there was more to this than meets the eye.

About a year ago, my personal computer was infected by a Trojan, which exploited one of those only-too-numerous Microsoft vulnerabilities. It was the sort of thing which hijacks your computer to send out thousands of replications of itself covertly, degrading system performance significantly in the process.

I would never have known it was there, but for the fact that I could no longer log into Norton to update my antivirus software. The Trojan wrote to my Host file instructions directing all prominent antivirus website addresses to a dead address.

Wikipedia discusses this kind of hijacking technique in its Host file entry.

Further investigation established that my wife’s notebook was blocked from Volokh Conspiracy by the same malware. But a friend in California last night was not impacted by this problem.

I don’t recall exactly which file needs to be edited, but I can tell you that correcting this kind of problem is a lot of work. One has to turn off System Restore, reboot the computer in Safe mode, then edit the Registry to get rid of the illicit Host file entry. Entering Safe Mode is a bummer for me, because it will mess up all the icons on desk top, producing even more work sorting them all out again.

Would readers please check to see if they can link to Volokh Conspiracy, and tell me via email, or in Comments here, if they are also experiencing the same problem?