Massive DDoS Attack Brewing?

Quite a number of people wrote in with the news that CNN is reporting that a Back Orifice-like program masquerading as a movie clip is infecting thousands of computers worldwide. The prediction is that it's being setup for a DDos - but the technical details, are shall we say, "sketchy".

Re:CNN ?

[Booxbaum]

The link to the advisory on www.netsec.net is here, has more technical info than the cnn article.

Stop it before it spreads

[geoffeg]

To prevent this DDoS from happening I think that everyone should start turning off their computers. Anyone that works at an ISP should go to the server room's and shut everything off. Not only will this stop *this* DDoS right in its tracks, it will save power.

shutdown -h now damnit
Geoff

Re:Stop it before it spreads

[MrDelSarto]

don't worry ; i've written a small vbs file that will send everyone in your address book a message informing them they may unwittingly be part of a DDoS attack ...

Here's the beef

[akey]

A quick check of the Network Security Technologies website has a bit more info than the CNN article. Read their advisory here. Apparently, the Serbian Badman Trojan (as they're calling it) is using an IRC channel to report the compromised IP address, and then starts listening on a port -- this is why they think it could presumably be used for a DDoS attack.

---

Re:WTF?

[cancerboy]

Actually MSNBC has a better story, including the reply from Network Associates that they think it's pretty much low risk.

Also names the file which goes under two names

QuickFlick.mpg.exe or MySissy.mpg.exe

Interesting quote ...

[Draoi]

Interesting quote from the NETSEC guy:

"We're all hackers, in the traditional sense of the word," Waskelis said. "If we find something like this, we want to pick it apart and see what it's doing."

They're finally getting their terminology right ...

Pete C