As worldwide reports suggest that the spread of the Slapper worm is starting to slow, security experts are warning Australian businesses of a new, more dangerous variant.

Grant Slender, principle consultant for Internet Security Systems (ISS), contacted ZDNet Australia concerning the latest variant of the Slapper.A (also known as Apache_mod_ssl) Linux worm, Slapper.B.

"The previous version was a concept worm," said Slender. "This new derivative, which is the previous worm with hacker components, contains a backdoor that allows a hacker to get a command prompt on the machine." He said this would allow the hacker to access any of the functions on the machine, and connect to servers on the network behind it.

The worm also sends the IP addresses, host names and servers that have been e-mailed with the virus.

So far more than 30 major Australian ISPs and businesses have been affected by the new variant of the worm, and Slender said a lot of infrastructure was being infected, instead of the Web servers that are infected by worms such as Nimda.

"Linux has a tradition of being more secure so it has been placed in more sensitive areas of the infrastructure," said Slender. "Just because it's Linux doesn't mean it's secure, you need secure practices. Bad practices result in the system being compromised, no matter what the platform."

"If they've removed the vulnerability then Slapper.B will not be able to infect it. The reason worms propagate is that people don't patch their systems. The vulnerability was identified early this year," said Slender. "If they haven't taken the steps up to now, they probably still won't."

Copyright © 2009 CBS Interactive, a CBS Company. All Rights Reserved.
ZDNET is a registered service mark of CBS Interactive. ZDNET Logo is a service mark of CBS Interactive.