Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft "Swen" Worm Squiggles Into Sight

Posted by timothy on from the mmm-wriggling dept.

greenhide writes "As forecast in this story, a new Microsoft worm has indeed wriggled to the surface. The W32.Swen's claim to fame is its professional looking email advertisement that pretends to be a fake Microsoft patch. Earlier viruses have made the claim, but none of them looked this good. It appears to have infected over 1.5 million machines. "

5 of 789 comments (clear)

  1. Oh yeah... by JoeLinux · · Score: 5, Interesting

    At work, they have duped over 5 of my collegues...even AFTER the email went out saying that it was going around. Well, Make an OS that any idiot can use, and only idiots will use it, I guess...

    My problem with all these worms is that it doesn't do anything after it propogates, so no one will really care except bandwidth-concious IT people. It should send itself out, then erase all the FAT tables on a hard drive.

    Or deltree the c:\winnt or c:\windows directory (or both).

    That would REALLY piss people off, who would demand that they do something to make sure that not happen again...like...I dunno...Linux or OSX?

    Just a thought...

  2. Worm Load by m.dillon · · Score: 4, Interesting
    There were over 4500 attempted deliveries of this 150K+ worm through my mail server overnight, and they are still coming. Easy to filter, but this is by far the worst worm load I've seen to date on my little server.

    On the bright side, deliveries of unrelated spam seem to have fallen due to the worm's load on the internet :-)

  3. html by BWJones · · Score: 4, Interesting


    So, I have recieved a number of these (thank goodness I am running OS X) and it appears that the "notification" also contains html. So, examining the html, it appears that it actually references microsoft.com.

    If I were microsoft, it appears there is a simple way to defeat this by inserting html in the referenced source that warns recipients of this sort of thing.

    --
    Visit Jonesblog and say hello.
  4. Vicious worms don't survive by IncohereD · · Score: 4, Interesting

    ....because they're noticed too quickly. If you destroy your host immediately you're not going to propogate too far, now are you?

    Yes, you could make it a little more complex with time-outs or a way to select certain targets as hosts for more sending and others to destroy, but it wouldn't last and last like some of the recent worms, because it's effects would be so noticeable.

  5. Re:Fascinating isn't it? by M.+Silver · · Score: 4, Interesting

    When is the last time your car mechanic told you that you couldn't drive your vehicle because you are an idiot? Does your plumber forbid you from using your faucets?

    I can't speak to the plumber situation, but if you've ever listened to mechanics behind the scenes, they sound *exactly* like computer techs. Sometimes they really *do* wish they could tell people they shouldn't drive a vehicle because they're idiots. (I'm betting body shop folks do even more of that sort of griping...)

    --

    Slashdot's token middle-aged housewife