Today's Windows Virus - MyDoom / Novarg
Oddster writes "There is a new virus out by the name of Novarg which can infect all Windows versions from 95 to XP. It has two interesting features - first, in addition to mass mailing, it also distributes itself via the P2P network Kazaa. Second, it can perform a denial-of-service against www.sco.com. Details at Symantec
and F-Secure, although neither seems to have finished their analysis." Other readers have sent in links to coverage at CNET and Security Response, and Russ Nelson provides a sample message.
Dumb people. Problem is that dumb people make up a majority of internet users. This is the same reason that spam works as an advertising method. Its also why toner refills have warnings not to drink the contents and windex warns you not to spray it in your eyes.
"Have you ever thought about just turning off the TV, sitting down with your kids, and hitting them?"
Second, it can perform a denial-of-service against www.sco.com
Great. This will give SCO some good PR ammo. Thanks guys.
Obviously, SCO has many ennemies. Most of them are probably nix users and the public knows that. If we want to have the public favor OSS, reputation is also important.
Just my 0.02$
DrkBr
Think about it. Until now, the Linux community has seemed very innocent over this whole issue. It's simply a matter of a company trying to oppress people for it's own gain (at least in the courts' eye). When people start doing illegal things such as writing viruses to get back at SCO, on the other hand, the Linux community loses much of its innocence. Look beyond the surface; this is a big PR hit for the Linux community. Remember the debate when SCO was DDoSed? This is the same thing, but much worse, and on a larger scale. Writing a virus in itself is illegal, given their nature, and a DDoS is also illegal (I'm not counting Slashdottings and the like).
Let me get this straight:
1) It has a simple text message plus a binary payload attachment.
2) It uses no M$ exploits (patched or unpatched) to install itself.
3) It depends on someone opening the attachment to start an infection.
And after all this time, people are still clicking on binary attachments? Great googly moogly. At least this sucker is only 20-40K. I'm sick of the 140-160K ones swamping my hotmail account. This one will barely be an annoyance.
To quote Evil Willow Rosenberg: "Bored now."
Design for Use, not Construction!
Now Darl seems to have some credibility with the Linux == terrorism threat. Good going, guys....
I'm not so sure, this was obviously done by a WINDOWS hacker. Most of the Linux hackers I know have no freaking idea about MS Windows internals and they honestly don't even care for that sort of "knowledge".
If programs would be read like poetry, most programmers would be Vogons.
Also, does the virus target by IP address, or does it do a full DNS lookup? If it's just IP, it will be easy for them to change the www record, and the servers address. 60 seconds later, everyone apart from the virus will be able to access the site.
Get your own free personal location tracker
I know you were joking, but no, attacking sco.com does not make it a worthwhile virus. Yes, SCO deserves a lot of hardship. But any retaliation should be done in a completely legal manner. Why? SCO is trying to make open source look bad in the eyes of businesses. They've said we don't respect copyrights, they say we're anti-business. They screamed loudly about joking death threats and DDoS attacks. They're trying to make us look bad, and whatever we do should make them look bad, make them look like the aggressor they are. Doing obviously illegal things only makes us look bad and SCO look like a victim. So this is a major step backwards.
Litigious bastards