Targeted Worm Hits Kazaa's Network
sh0rtie writes: "Kaspersky Labs and the BBC are reporting that the Fasttrack network that Kazaa uses has been hit by its first targeted worm virus dubbed 'Benjamin.' Is this a clever RIAA creation or that of a mischievous virus writer? I guess we will never know, but the result is that it seems to be bringing unsuspecting users' machines to a crawl with full hard drives and clogging up the Fasttrack network with massive amounts of traffic bringing more headaches for ISPs and sysadmins worldwide."
From the article...
In addition to eating up free disk space Benjamin takes additional actions: under the name of the infected computer's owner it opens an anonymous web site from which it displays advertising banners. This way Benjamin's creator profits by the resulting increase in advertising displays.
I might be wrong, but I'd think it'd be quite easy to find where the money from the advertising banners is going to. Quite simple to find the virus writer.
Of course, the recipient of the advertising revenue may not be the virus writer, but it's a good place to start.
Stupid people amuse me.
The way I understand the article, it replicates itself in someone's share directory and waits for other Kazaa users to download it. How is it executed on the remote user's computer then? Do they have to specifically run the virus program, or is there a security hole in the Kazaa client somewhere that automatically executes the virus?
I'm assuming users that download this file must specifically execute it. If this is true, then IMHO any person who downloads an unknown .exe from a P2P network and runs it without at least scanning it, deserves what they get.
Unix is user friendly, it's just selective about who its friends are.
Whenever I think of what could be achieved by a virus using a P2P system, I am all the more astounded by the limited imaginations of these puny 13-year-old hackers.
How about using a million computers working in parallel to break a weak encryption and read some third world government's military email?
What about creating a secondary virus that uses known Windows vulnerabilities and has a mathematically reasonable replication scheme to install itself on hundreds of millions more computers, and then use that to bring down the entire internet on a given day?
What about turning these people's P2P servers into a humungous free proxy network, defeating internet censorship attempts of evil totalitarian regimes (like China)?
Hmm, uses your drive space and bandwidth, pops up ads, modifies your system configuration without your permission...
Looks to me like the only difference between this trojan and the programs it comes in is that one has a EULA.
Time for virus writers to wise up and disclaim liability with an incomprehensible clickthrough like all the other writers of malicious code...
--
Benjamin Coates
Just filter out all files under 1 meg... it worked for me since I guess it only shows up when searching for software...