Slashdot Mirror

← Back to Stories (view on slashdot.org)

WebTV/MSNTV Virus Dials 911

Posted by timothy on from the well-it's-only-a-minor-emergency dept.

Semji Rkim writes: "Though not the first virus to direct modems at 911, ABC News is reporting a bug in WebTV (Now branded as MSNTV) units which causes the infected unit to hang-up and dial 911. The virus spreads via email and Microsoft officials are looking into how it is able to replicate and also control the modem. Affected users are advised to delete the email and call Microsoft at 1-800-469-3288."

19 of 515 comments (clear)

  1. Legal Consequences? by jonman_d · · Score: 2, Interesting

    If (incredibly hypothetical?) the guy/gal who wrote this virus gets caught, can he/she be fined/jailed for each and every call made to 911? If so, how long would you be in jail for/how much would you have to pay?

    --

    --
    http://nemilar.net - Not your grandmother's soup kitchen
  2. Liability? by Quixote · · Score: 2, Interesting

    This is bad, because 911 services cost real taxpayer money. The question is: can Microsoft be held liable for wasting my taxpayer dollars because of their product's flaws?

  3. How much longer until 1-900? by magicsquid · · Score: 5, Interesting

    How much longer will it be before unscrupulous 900 number operators enlist people to alter this virus to make it dial their numbers? Given that it takes a month to get a phone bill, the culprits can close up shop and move on long before anyone even realizes there is a probem...

    --


    "Chances of RHIC-induced Armageddon are exceedingly rare, but... you never know." - MIT Physicist Bob Jaffe
    1. Re:How much longer until 1-900? by brain-in-a-box · · Score: 3, Interesting

      In Germany there is already a huge problem with dialer programs which try to sneak themselves into your system and replace your default dial-up connection with an expensive 0198 etc numbers. There were programs which caused 200 Euro to be charged per dial-in.
      However these program come as some kind of trojan, usually springing up some "accept box" (only on install). However, these boxes often don't say that an expensive connection will be created - sometimes they even claim to be a "screensaver update"

      --
      You are the dot in slashdot !
  4. Re:This is serious by Henry+V+.009 · · Score: 3, Interesting

    Under the new hacking legislation reported in slashdot earlier, could this make the creator liable for the death penalty?

  5. Re:I Wonder by jeffy124 · · Score: 1, Interesting

    i read somewhere last week that Gateway once published a number as 800, but was supposed to be 888. The company that owned that 800 number sued Gateway and won judgement for charges related to callers calling that number incorrectly, and damages resulting from lost productivity.

    Let's hope MS (and the press) got that number right, for the sake of whomever would be at the other end...

    --
    The One Rule Of Chess You'll Ever Need: Don't play someone who carries a kit in their bookbag.
  6. Why not... by curunir · · Score: 3, Interesting

    ...just have the MSNTV units call the 1-800-469-3288 number directly.

    Why don't the people who write viruses ever have a sense of humor?

    --
    "Don't blame me, I voted for Kodos!"
  7. Re:This is serious by Anonymous Coward · · Score: 2, Interesting

    Yeah. It's funny, this ex-microsoft chief is running around screaming about how worms will destroy everything by 2005, but right here we have a worm tying up 911 lines and possibly ending lives, today.

    Oh, wait, except that the ex-microsoft chief seems to be blaming TCP/IP and power companies and traffic light manufacturers and, well, everyone except Microsoft, for how much of a problem these "zero-day worms" are, and very distantly implying a palladium style global user-distrust technology would be the answer, from looking at that article. Funny how this sort of thing (massive-scale destructive worms) never seems to happen anymore except through Microsoft products.. I personally wonder if we'd see less of this Code Red / Klez stuff if we had less of a computing monoculture.

  8. Full service virus by Maniakes · · Score: 2, Interesting

    Part of the purpose of 911 is to report crimes.
    Hacking is a serious crime.

    The virus is just calling 911 to report itself.

    --
    A legparnasom tele van angolnaval.
  9. Its very simple to do this... by Critical_ · · Score: 3, Interesting

    I don't know the exact in's-and-out's of the webtv e-mail system but back in the BBS days, we used to send each other (amongst friends) DOS TSR's that would be disguised as a trusted executable file for a legit program. The person would run it and hang up their modem used ATH0. And dial out numbers using ATDT. To get rid of it, they would have to reboot using a bootdisk since the TSR would be in their autoexec.bat file. Anyway, the point is that this method of modem-"hacking" is very easy to do and shouldn't be tough to adapt for the modern day webtv.

    A part of me actually finds the idea of Microsoft being held liable for the 911 calls pretty amusing. But the reality is that it costs money and unfortunately it could cost lives. I hope all of you people make sure to tell your moms/dads/grandparents/spouses/friends/etc. to disconnect their boxes from the phones lines.

  10. Reminds me of a modem story... by writermike · · Score: 2, Interesting

    Back in the days of 2400bps, when modems touted features like "auto-dial," every night when one of my friends made his BBS rounds, the cops would show up at his house.

    This went on for days. And no one really put it together until, one night, while listening to the dial-tones coming out the speak of his Avatar 2400 modem, he noticed that anytime the modem attempted to dial an 8, nothing would come out.

    And one of the BBSs he dialed started thus:
    (8)91-1xxx

    --
    If Nalgene water bottles are outlawed, only outlaws will have Nalgene water bottles.
  11. I'd hate to be in the SOC right about now by Anonymous Coward · · Score: 1, Interesting
    I know for a fact that the WebTV box exposes a lot of functionality to anyone who knows the right HTML tags. It's possible that the malware in question rewrites in EEPROM the number for the ANI service, which ordinarily passes a list of local POPs to the box. It probably then wipes the current ANI numbers, reboots the box, after which it tries to dial the ANI service which is now 911.

    Whoops.

  12. IRC by owenc · · Score: 2, Interesting

    I had a ctcp command do that on undernet once. Like[1] an idiot, I ran it, and nothing seemed to happen. It had however hung up the modem and dialled 911. I tried it four times. I forgot about it and carried on for about 15 minutes. Then at midnight I heard a knock on the door. I thought maybe a neighbor had some sort of an emergency or something. It was the police. He asked if everything was ok, but wouldn't leave until he saw my mother to make sure I didn't hack them up or something. It was kind of hard to explain that someone on undernet had sent me this command and said that it actually done something else. I wish I could say I learned something from that experience...

    [1] maybe "like" is not the best word

  13. Reminds me of the good ol' days. by Anonymous Coward · · Score: 1, Interesting
    Someone in town had a TI 99/4A BBS with "call back verification." Now this was as popular a measure back then as the recent "troll suppression" measures here are today. Also note that this wasn't a professionally written BBS package, but something the sysop rolled himself.

    Anyway, I don't know how many times this poor sysop's machine had dialed 911 when attempting to call-back verify 911-1234, etc. And I don't know if anyone ever bothered that first day to see if was smart enough not to dial 011 numbers.

    ~~~

  14. Re:This is serious by murphj · · Score: 5, Interesting
    Quoted from parent's link:
    The patent was a "submarine" patent -- that is, one that issues long after others in the industry have begun using the same technique or technology ... The patent involved the timing of the escape sequence: The characters "+++" followed by a 1-second pause. To get around the patent, some modem vendors simply eliminated the pause, so that the sequence +++AT would bring the modem back to command mode in all cases.
    It's interesting that the only reason this works is that Hayes pulled the same trick Forgent is trying with JPEG.

    --
    SONY. Because caucasians are just too damn tall.
  15. Re:This is serious by lightcycler · · Score: 2, Interesting

    "Whoever wrote this should get some SERIOUS jail time"

    No, the director of the company who wrote the software should.

    If I kick a wall and the building falls down, whose fault is it? mine or the architect's?

  16. Palladium by mizhi · · Score: 2, Interesting

    So this is the company we're supposed to trust to make the internet more secure with Palladium?

    --
    Humorless sig goes here.
  17. Product Misrepresentation by Anonymous Coward · · Score: 1, Interesting

    One of the big selling points of the WebTV unit was that it was "impossible" to get viruses. The sales staff were trained to say this (I knew a few). Obviously this isn't the case.

  18. Re:ATH0 by toastyman · · Score: 3, Interesting

    What's really amusing....

    Back when this was first "discovered", I was one of the people on Bugtraq discussing how this could be exploited.

    I very stupidly posted what I typed to knock myself off, with my real nickname included: //raw NOTICE ToastyMan : $+ $chr(1) $+ PING +++ATH0 $+ $chr(1)

    For the longest time, I couldn't sign on IRC on any major network without someone actually typing that verbatim, and sending that to me.

    In the past couple of years I've received thousands of those. Kinda funny. :)