Slashdot Mirror


Building The Ubervirus

Johnath writes: "The HNN has a rather eye-opening article about a potential disaster dangling overhead. It's not so much that the ideas presented are revolutionary -- most /. readers would probably come up with a similar scheme, if called upon to design a killer net virus, but nevertheless, it pretty lucidly addresses the potential damage."

6 of 229 comments

  1. More social engineering needed in viruses by ajm · Score: 4

    Ok, people are doing some fine things with Outlook and other tools nowadays in the virus world but I think where they fall down is in the social engineering area :) I don't know whether this is technically feasible and I have no desire to find out (I take no responsibility etc....)

    Let's say the point of the virus is not to physically disrupt the mail system, but to mentally disrupt it. People should be afraid to open mail messages, and disbelieve the ones they do open, rather than have the mail server crash.

    So, step one is to send out the messages gradually so that people don't realise immediately that something is wrong. You don't want to make people wary at the beginning. After some interval when you've infected enough machines, then go for the full virus crash.

    Step two is to vary the subject. One way would be by making the subject be Re: of something already in the mailbox from the person you are sending the current message to. Make all others that you can't find messages to reply to start with Fwd:.

    Step three is to look in the mailbox to see if you can find an administrator of some sort. Look for system administrator or something similar in the title, or look for membership of the admin group or similar. If you manage to get on an administrator's machine then send out a virus alert message to everyone in the address book. Include in the alert a copy of the virus with instructions to double click to disinfect the machine. If you are not on an administrator's machine then send to one or two people in the address book a message that says in the subject Fwd: Virus loose (from admin name here) to see if you can fool people that way.

    Anyway, don't try any of the above because they probably don't work, and I certainly don't want to be responsible if they do. I'd guess this is the sort of stuff that a professional/governmental virus would try to do. If you were China (for example) and wanted to disrupt email in the US (why I don't know) social engineering to produce a lack of trust in the system is more likely to be successful and effective than the sort of spam attacks we've been seeing lately.

  2. Killer Net Virus Can Happen Anytime by Carnage4Life · Score: 4

    A killer net virus that would destroy the Net as we know it has been very easily in reach once the majority of computers on the Internet became homogenized Windows/MSFT Office/Outlook boxes.

    Whenever I read about a Melissa or an I Love You I smile to myself and think "I would have trashed their hard drives after spamming myself to all their friends." If Melissa or I Love You hadn't been content with simply bogging down net servers and had decided to set the file length of all .doc, .xls, .sys, .bat, .dll, .html and .jar to 0, I am sure corporations would probably be fuming about trillions of dollars in irreparable damages (after all, how much stuff is actually backed up or centrally stored in a Windows world).

    In my opinion the article is overkill; a virus doesn't have to be particularly clever or well designed to cause havoc anymore thanks to the beauty of MSFT operating systems. Any script kiddie or MSCE with a passable knowledge of Virus Building Script can bring it all toppling down.

    Of course, none of us will ever do it because we know it would do so much damage to the 'Net (government would step in hard) and also hurt many of us financially in some indirect way.


    WHY C SUCKS
    -----------
    int i =0;
    i = i + 1;

  3. Viruses by deefer · Score: 5

    I can remember when virus writing used to be _hard_. You had to be a bit 1337 to be able to write a TSR, or a boot block virus.

    Now look at the state of the virus world - ILOVEYOU.vbs (OK, it's a trojan, but still replicates like a virus) and the damage it caused. I'm not talking about the x billion the media claim it cost, just the panic in my IT department when virused email couldn't be deleted fast enough. Look at the code for ILOVEYOU.vbs - it is a doddle. No real inspiration involved - just patch 4 entries out of bugtraq together, and there you go.

    What we have now is a state of play where the entry level in writing malicious code is dropping rapidly as more and more people get into computers. Don't want to spend a few years learning to code? Hah, our whizbang COMActiveXCORBA plugin gives you the power on your desktop!!!

    Don't worry that your soft underbelly is now exposed because we can't give you the ease of use you want, without you knowing what you're doing!!! And you're too stupid to realise!!!

    So now that the learning curve has been removed, you will have people all over the net trying to write and run viruses, without a clue of the repercussions it may cause. Because they don't really understand what they are doing.

    --

    Strong data typing is for those with weak minds.

  4. We need computer control now by DonkPunch · Score: 5

    This just goes to prove the insanity of low-cost easily-accessible computers and software in the hands of everyone. Every day, hundreds, perhaps thousands of machines are infected with virus and trojan software. The cost in lost data and productivity is easily in the millions.

    We have to stop this madness now.

    Right now, computers are less regulated than lawnmowers or automobiles. We require drivers to pass a proficiency test, why not computer buyers? It's time we registered computers and performed background checks on people who buy them. This is the only way to keep computers out of the hands of children and criminals.

    I am proposing a Million Geek March. We will have speakers telling stories of how their lives were destroyed by computers. Let's send a message to Washington now: "We need to be safe from computers!" It is absurd that in the year 2000, I have to scan every attachment I receive and every program I download. We need to make our information infrastructure safe again.

    All of you who oppose my plan, I ask, "What do you have to fear?" We're not planning to take away your computers. We just want some common-sense legislation for the safety of all. It will be a tough fight -- the rich lobbyists from Dell and Microsoft will try to stop us. They'll claim that the right to access information cannot be restricted. They'll claim that computers aren't the problem. We know they're wrong. Modern computers make it easier than ever to create destructive programs. A computer in the home is a tragedy waiting to happen.

    Let's get some common-sense computer regulation now. Thank you.

    --

    Save the whales. Feed the hungry. Free the mallocs.

  5. You could easily get much more nasty than that by tilly · Score: 5

    Here is a clue.

    The Samba folks don't publicize it, but they have found a number of buffer overflows in the stacks of every single OS out there. (They patched the ones they found in Linux.:-) A truly nasty critter would be set up to transmit itself using those overflows.

    If done right you would get a worm or virus that can transmit from computer to computer without any manual intervention. There has to date been exactly one such on the internet. The Morris worm. It went out of its way to be nice, and it still shut down the Internet through sheer speed of reproduction.

    You see, getting a human in the loop slows things down. If you want to be truly nasty, automate it from start to finish. Then the first people will hear about it is when their networks go down.

    Cheers,
    Ben

    --
    My usual seat in the cluetrain is at http://pub4.ezboard.com/biwethey.ht

  6. Security by obscurity is bad for your health by Pac · Score: 4

    In any case, is it a good thing to have people publishing design documents for killer virii?

    One of the worst things that can happen is for the information about virii and other security threats to be shared only among some selected few. You may have seen the story about a 3 year old AOL security hole this weekend. The only way to prevent this kind of problem from becoming a major problem is to publicize the risk to the maximum possible extent. It guarantees that every system administrator in the world will hear about it and take the necessary steps to protect his/her piece of the network.