Has the RIAA Wormed 95% of P2P Networks?

DancingSword was one of many to submit links to a strange story about the RIAA hacking back by sending a worm through the major peer-to-peer networks, supposedly with a 95% infestation rate. Hoax or not?

Poor choice of headline

[hyacinthus]

Anyone who owns a dog knows that "to worm" means to _get rid_ of worms, not to infect with them.

hyacinthus.

Re:Poor choice of headline

[Etrigan_696]

Unless you modify it with the word "UP". As in:
My dog ate road-kill and got all wormed up.

The typical cure for this is (if you have money) to get the wormer from the vet/wal-mart/pet store and hope... Or...(if you are poor and the dog means alot to you) you force feed the pooch a huge wad of "Chaw"... Chewing Tobacco.... Several times. It does the trick, but it's like chemotherapy - you're just hoping the worms die before the dog does.

Okay - maybe this is a Southern Redneck Hunting Dog thing...I dunno.

Re:Poor choice of headline

[grub]

There should be some sort of IQ test before moderator points are handed out.

I think there is, I haven't had mod points for weeks and my karma is Excellent..

That explains...

why all my porn has been changed to Hillary Rosen with a strap-on.

worm code

[macrophage]

Hey, I found a copy of the worm's code:

RIAA - 0wn3d by.... ;p
oooh riaa want's to hack Filesharing Users / Servers ? - better lern to secure your own server...
Sorry Admin - had to deactivate ur accounts - they'll be reactivated after 2 hours

greetz : Rage_X, BRAiNBUG, SyzL0rd, BSJ, PsychoD + all the others who want to stay anonymous :]
wanna contact ? mailto:h4x0r0815@mail.ru

Oh, wait, that was the RIAA's web page. Never mind!

Nah.

[llamalicious]

I've got at least 7 mp3 downloads running right now and none of them appear to be infe($!$%. .AF0ERIAA.`/2#..-

Re:Nah.

[Anonymous+Brave+Guy]

I've got at least 7 mp3 downloads running right now ...

We know, thanks.

Love and hugs,
The RIAA

Re:If you can't beat 'em

[squiggleslash]

Given the number of times the RIAA's website has been hacked, I'm guessing they're thinking the way you are...

No need to worry...

[anthony_dipierro]

I'm sure if you are only sending/receiving legal mp3 files you won't run across this worm. And we all know that slashdotters never download illegal files.

Re:hmmm

[innerlimit]

just a question, i just tried to log on to the RIAA site... and it seems to be down? Was their sysadmin maybe playing some o' them *bad* mp3's ???

Re:Windows Clients/hosts?

[i.r.id10t]

If this is the case and they are distributing a binary based on GPL code from xmms/mpg123/etc. then don't they have to release the source as well?

RIAA statistics

[Loonacy]

Only 10% of the computers were really infected. But they were FAST computers, so they count as 95%.

Re:Want to be secure? Use systrace...

[Tom]

Systrace is a nice toy, but unfortunately a flawed concept. There's a whitepaper from the NSA about the why, look on their selinux site (www.nsa.gov/selinux)

Re:That explains...(hold on a minute)

[gosand]

why all my porn has been changed to Hillary Rosen with a strap-on.

Wait a minute...
THAT'S NO STRAP-ON !

Gobbles is a glory whore

[essdodson]

To anyone who's read their advisories in the past this comes as no surprise. Gobbles's sole motivator here is to draw attention. From their security advisories that sound as if they're written by a third grader, to their advisories posted in comic form on their highly deceptive website www.bugtraq.org I've seen little from them that demands respect.

Besides, if they were working with RIAA, wouldn't the RIAA also have paid them a few bucks to secure their site? If they have, wow, bang up job so far.

Re:Remember

It's definitely not true ;o)

Re:Windows Clients/hosts?

[ShavenYak]

No, Gobbles was the retarded turkey that Timmy befriended on one of the Thanksgiving episodes of South Park.

Re:If you can't beat 'em

[RobotRunAmok]

Well, bad sentence construction usually indicates an American. Apparently, the US public education system is merely designed to instill a yearning for low quality cars, fast food and WWE into it's students - spelling, grammar, mathematics and any kind of art or culture seems to be off the menu

Hm. Interesting.

By the way, where are you from, son? If I was to judge you from your post, as you have seen fit to judge others, I'd say, hmmmmm, let's see... Arrogant... Cowardly... ridiculously placing foot in mouth by mis-using it's while criticizing another nation's school system...

France?

Re:Creation of viree is a crime

[hesiod]

Never use "RIAA" and "not [...] stupid enough" in the same sentence... It's bound to get you proved wrong.

Re:Where's the counter-exploit?

[Hellkitten]

easy enough to write a counter exploit that hunts down and removes the Gobbles virus/worm

And then send the riaa a fake list of digital media

hilary_rosen_nude_1.jpg
hilary_rosen_nude_1.jpg
hilary_rosen_nude_2.jpg
hilary_rosen_nude_3.jpg
hilary_rosen_nude_4.jpg
hilary_rosen_nude_5.jpg
....

Totally a hoax....

[Dorf_of_Eleven]

"It took us about a month to develop the complex hydra, and another month to bring it up to the standards of excellence that the RIAA demanded of us."

Are they anything like the standards of excellence used by the RIAA webmasters?

Re:Remember

[Markus+Landgren]

Maybe it's "the equivalent of 95%" (about 20 real percent).

RIAA Math...

[dallask]

Lets not forget who were dealing with here.... these are the same people who claimed confiscation of thousands of cdroms in a raid, when in fact it was just several fast cd burners.... their justifaction of the false numbers... These burners were really fast, thus they were equivalent to thousands of "Normal" cd burners...

they probably just got it to run on a couple of systems and then multiplied that by the number of users on the p2p net.

They didnt mean 95% of computers

[Zone-MR]

... They meant the EQUIVELANT of 95%.

In reality there is a total of 0.5% of infected computers. Some of these however have fast (over 1GHz proccessors), bringing the total percentage to the equivelant of 50%. Additionally some had large harddisks, allowing more illegal MP3's to be stored. Hence the equivellant of 95% whole computers.

We're Sorry

[Flamesplash]

Oh sorry guys, we didn't mean to infect the p2p networks, really. It turns out that one of the people responsible for manning our monitoring systems accidently infected the monitoring system with a virus which then found it's way into the p2p network. We're really sorry we know absolutely nothing about technology, oh and please go pay $18 for a cd instead of getting them off of a p2p network, it would really suck if you accidently got a virus because you used p2p.

Re:Windows Clients/hosts?

[Nevermore-Spoon]

Where is the part about how the alien hybrids helped pitched a hand?

What's the worm?

[phorm]

40% of this probably counts all the copies of Brittney Spears and Backstreet Boys songs squirming across P2P, often masquerading as different files. Personally, I'd rather take a real virus than these - an Antivirus can find trojans but none of them seem to have a feature to detect boy/girl-band of the moment type audio files.

Not to worry..

[iamabot]

If they have the same people securing their web servers as "infesting" peer to peer networks I don't think we have much to worry about.

Please view some screen shots from the last 96 hours.

http://iworktoomuch.com/images/riaa.com-download.j pg
http://iworktoomuch.com/images/riaa.org.jpg
http://iworktoomuch.com/images/riaa_tooled_again.j pg

Re:Gobbles??!?! Case closed - it's not real.

[EvilAlien]

Wow...

The security community needs more rational, intelligent minds like this, and less self indulgent halfwits like GOBBLES trying vainly to make names for themselves.

"Self indulgent halfwits"... I always thought they were a Security List Comedy group with the funniest code comments I've ever read, but if I need to change my BugTraq filter to point to the Self Indulgent Halfwit folder instead then I guess I'd better get to it.