Slashdot Mirror

← Back to Stories (view on slashdot.org)

Four Kids Confess to Goner Worm

Posted by ryuzaki0 on from the hope-they-get-grounded-with-no-dinner dept.

imrdkl writes: "4 kids in Israel have confessed to writing and distributing the Goner worm, according to Fox." Yet another annoying worm comes and goes, wasting countless IT hours, to say nothing of bandwidth. The kids face up to five years -- of course since they aren't in the U.S., they might actually be punished.

6 of 539 comments (clear)

  1. Comment removed by account_deleted · · Score: 5, Interesting

    Comment removed based on user account deletion

  2. Fixing the staff problem by Anonymous+Brave+Guy · · Score: 5, Interesting

    I don't agree entirely with what you write, since I assign the blame for things like this almost entirely to those who write the stuff in the first place. I'm sure you'll get plenty of other replies saying the same.

    OTOH, you make a fair point about employee training. The small company where I work, a software development house, has had a few e-mail viruses mailed to it over the past year or two. It's interesting to note that these often get forwarded around the office, but invariably by non-technical staff. The developers and tech support guys and gals generally have the sense not to run blind attachments; the admin and management guys and gals are more trusting, and bite the bullet.

    Our IT support guys have long had a record kept of exactly when everyone runs the anti-virus update they mail round every month. Recently, they've instituted a "leader board", which is mailed to everyone, showing who ran it fastest. It's an amusing little game for those of us who are sitting in front of our PCs anyway, but the really telling thing is the people who don't appear on the list at all (which is typically mailed around the afternoon after the update), i.e., those people who still haven't updated their systems several hours later. Guess who they are...

    So, we have established that certain types of users are more vulnerable to this than others, and we know who they are. The next question, of course, is what to do about it. You can come up with any number of penalties, but how are you going to turn around and slap them on, say, the MD of your company (a repeated offender in our case)?

    Personally, I always liked the "drill" approach. The IT guys occasionally create a Hotmail account or some such, and mail something cool-looking to a few random accounts at the company. If you run the attachment, it pops up a simple message on your screen informing you that if this had been real, you'd just have cost everyone in the company a day's work/sent abusive mail to your most profitable client/whatever. This isn't publicly embarassing, and it makes the point. It's certainly proven very successful in a couple of cases I know of.

    You could complement that with a "three strikes" sort of rule. Anyone who falls for it gets a couple more spams shortly thereafter. Anyone who falls for it repeatedly has maximum security settings imposed on their machine thereafter. It will cause them hassle if, for example, they have to send or receive a genuine executable attachment, but such is the price you pay for keeping your systems secure from your own users as well as people outside. Better that than watching offensive mail go to those top five clients...

    --
    If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
  3. Attachment blocking at the server by bubblegoose · · Score: 5, Informative

    This virus wasted about 5 minutes of my time. I read an article about what it did, then the next day I deleted about 150 copies of this that got quarantined on our company's Exchange server.

    I use a virus scanner on the Exchange server capable of blocking attachments based on extension (Scanmail by TrendMicro works nicely for me). I always block:
    ade,adp,asx,bas,bat,chm,cmd,com,cpl,crt,exe,hlp, ht a,inf,ins,isp,js,jse,lnk,mdb,mde,msc,msi,msp,mst,p cd,pif,reg,scr,sct,shs,url,vb,vbe,vbs,wsc,wsf,wsh

    Bingo - no e-mail virus problems :)

    I figure if my users really need them and the person sending the message is smart enough (and meant to send it) then they can zip it. If the sender wasn't smart enough to zip it, then I can always pull it out of the quarantine folder.

    --
    I hope that someday we will be able to put away our fears and prejudices and just laugh at people. - Jack Handey
  4. Re:Well blahs all around by slackergod · · Score: 5, Insightful

    This is more like handing someone a handgrenade,
    with an attached note saying "pull this pin,"
    and that person then proceeding to pull it,
    even though they have been told OVER AND OVER
    that if they pull the pin on a hand grenade,
    it will hurt them.

    The virus is dormant, completely harmless
    UNTIL SOMEONE RUNS IT.
    The fact that someone wrote and engineered it
    to spread in this way, and convince people to run
    it, they (the writers) should be held accountable.

    But just because they are responsible doesn't
    mean every other person down the line
    isn't responsible as well.

    Makes me think of an episode of Space Ghost Coast To Coast (Snatch, I think..)
    which goes something like this:

    "The rays... Its... Its feeding on the rays!"
    "Then don't shoot it!"
    "But.. The rays... It's feeding on them! Ohh."

  5. Don't worry too much. by Apuleius · · Score: 5, Insightful

    They're first time offenders who confessed. They're high school students who would otherwise be preparing to be drafted to the Israeli army soon, and the government will not want to disrupt that if it isn't necessary. Finally, they are from a town that is notorious for inducing boredom for its teenagers. They may get a few months, but I wouldn't count on it, and they'll get assigned to the Ma'asiahu prison, where conditions are very good (it's Israel's prison for first time offenders, and it's probably the only place in the world you could call a re-education camp without irony.)

  6. Defense against information warfare by xiphosuran · · Score: 5, Interesting

    These virus writers are doing a public service. Serious problems with our communications infrastructure might not be fixed if it weren't for them.

    Imagine what could happen if the first exploits of these security flaws came, not piecemeal from a scattering of amateurs, but rather from some adversary who could call on the services of numbers of technically proficient individuals. A hostile government say, or a terrorist movement that drew in disaffected persons in many countries. What if the vast majority of business users had no idea of how vulnerable they were until the system suffered a massive failure?

    There is an enormous learning process going. People are finding out the hard way, what they would never otherwise have the time to focus on: computers can fail, for very subtle reasons, and we are more dependent on them every day.