Today's Windows Virus - MyDoom / Novarg
Oddster writes "There is a new virus out by the name of Novarg which can infect all Windows versions from 95 to XP. It has two interesting features - first, in addition to mass mailing, it also distributes itself via the P2P network Kazaa. Second, it can perform a denial-of-service against www.sco.com. Details at Symantec and F-Secure, although neither seems to have finished their analysis." Other readers have sent in links to coverage at CNET and Security Response, and Russ Nelson provides a sample message.
Finally, a worthwhile virus!!
Common sense is not so common.
i just got the patch off of kazaa... sweet jesus, just in the nick of time.
whew.
i was scared there for a ss.....[NO CARRIER]
MARIJUANA, SHROOMS, X: ONLINE?! - E
"Second, it can perform a denial-of-service against www.sco.com" Will this be the first virus I willingly load on my machine?
"Second, it can perform a denial-of-service against www.sco.com."
How do I get it?
Make America Great Again!
Who the hell is gonna open a 3kb executable from kazaa?
--
WHO ATE MY BREAKFAST PANTS?
Ok -- which one of you wrote this.....
10b||~10b -- aah, what a question!
Back in my day, viruses came in via the boot-sector of floppy drive. You actually had to know fudge to write one.
You yung whipper-snapper virus writers and your MS holes got it way too easy.
On one hand it seems to be written by the RIAA, on the other it looks like some linux loony, can it be both?!
5 posts so far, and 3 of them are of the "I WANT TO PARTICIPATE IN A SCO.COM DDOS" variety.
people... that is illegal and not the way to win the fight.
i'd say more, but i have to go load that virus on my 3 other laptops.
MARIJUANA, SHROOMS, X: ONLINE?! - E
To show that there are no hard feelings after the virus entered my work network, I would like to invite the virus writer to play a game of baseball.
Just show up, I'll bring the bat!!!!!!!
Looks like you've figured out how the ddos works. Put "www.sco.com" in the virus, get it mentioned on Slashdot, and the /. effect takes down the site.
Hear recorded Slashdot headlines on your phone! New service beta testing. Just call (248) 434-5508
Humour aside, if that was the intention of the virus, it should bring down the SCO email server (mail.sco.com) as well as www.sco.com. This would hurt sales and cause a major inconvenience.
SCO's lawyers are probably 'creating' a lawsuit as we speak - claiming the portions of the virus are SCO IP. (Which is just as believable as Linux containing SCO's code.)
SCO could also have written the virus - to hurt the image of their competition.
Does the virus install its source, whine about the GPL and insist on being called GNU/MyDoom?
I DO in fact have a paypal account and am willing to accept donations for my contributions to society.
Send donations to:
wenNOdoy@SPAMconsolidated.net
First you save the attachment.
Then you unzip it.
Then you execute it.
Why do the virus writers even bother writing code? If people are willing to do all that, it sounds like the next virus will consist solely of the text:
"Pick a friend at random. Go over to his house and bash his computer with a sledge hammer."
>Now Darl seems to have some credibility with the Linux == terrorism threat.
No, he doesn't; it's a Windows virus, not a Linux virus.
Windows == terrorism
Proof that Windows is a danger to national and economic security.
I don't know the meaning of the word 'don't' - J
Alright. Now listen up. Here's the deal....and I'm not accusing anyone...I'm just saying...
"The worm encrypts most of the strings in its UPX-packed body with ROT13 method,"
I *KNOW* it was one of you fuckers...
it can perform a denial-of-service against www.sco.com. Details at Symantec and F-Secure, although neither seems to have finished their analysis.
.. let's take our time over this.. no need to rush things now is there? I mean - we wouldn't want to make a mistake or anything now would we?
Cut to the labs of the antivirus companies:
Sir! The new virus seems to launch a DDoS against sco.com!
REALLY? Great work! Now take a 2 day lunch.
Yeah, I suggest removing all CD/DVD/Floppy and whatever drives and ripping the network cable out of the wall. Better yet, disconnect the power supply... Voila - secure system.
This comment does not exist.
Google now shows Caldera as the first hit for a search on "litigious bastards", while www.litigiousbastards.com (a site about SCO) comes up about five down. Go team!
do not read this line twice.