Slashdot Mirror
MyDoom Windows Worm DDoSing SCO
We mentioned the myDoom Worm just a few hours ago, but more information is available now, mainly that its ultimate goal is apparently to DDoS SCO. You can see some more detail at NetCraft. Obviously SCO has a lot of enemies out there right now, but it's always sad to watch someone stoop to this level.
Quick, disable your AV software, and get some Windows boxes on the internet!
Maybe theyll change their domain name like M$ did to bastards.sco.com instead of sco.com/bastards
This may not be the most appropriate way to attack SCO, but after all the FUD they have released and the actions they have taken it puts a smile on my face to see something like this come about. I hope their server gets toasted. Bring on the worms!
those people who think they know everything are a great annoyance to those of us who do. -isaac asimov
Lol
Seriously, its is a shame, it will only fuel Darl's paranoia.
*--BigMan--- Time flies like an arrow.. but personally I prefer a nice glass of wine!
Seems like this is Linux's ultimate weapon of mass destruction because:
1. The virus makes M$ operating systems look bad.
2. The DDoS attack goes after every Linux lover's most hated target, SCO.
But I do feel sorry for the people forced to used Windows by PHBs or who are novice users that don't know better than to run e-mailed executables.
Two wrongs don't make a right, but three lefts do.
s/is/eir
Flourescent (adj): smelling like ground wheat.
This is very similar to the SETI@Home project. I'd like to try it out and run it for a while. How and where do I sign up?
If you really wanted to DoS SCO, why not just use the Slashdot Effect, like this: litigous bastards
I am officially gone from
Well maybe they didn't write it, but Im sure there is some SCO code in it.
I've not yet received the virus in my email
What's your address? I can send it to you...
Seems like it's about time SCO came up with a new business model. Here's my suggestion:
FROM: Mr. Darl McBride
Santa Cruz Organisation
Lindon, Utah
Dear Sir:
I have been requested by the Santa Cruz Organisation to contact you for assistance in resolving a matter. The Santa Cruz Organisation has recently concluded a large number of dubious security trades. These pump-and-dump operations have immediately produced moneys equalling US$75,000,000. The Santa Cruz Organisation is desirous of setting up business in other parts of the world, however, because of certain regulations of the U.S. Government, it is unable to move these funds to another region.
Your assistance is requested as a non-U.S. citizen to assist the Santa Cruz Organisation in moving these funds out of the U.S. If the funds can be transferred to your name, in your Swedish account, then you can forward the funds as directed by the Santa Cruz Organisation. In exchange for your accomodating services, the Santa Cruz Organisation would agree to allow you to retain 10%, or US$7.5 million of this amount.
However, to be a legitimate transferee of these moneys according to U.S. law, you must hold at least one license for Santa Cruz Organisation Intellectual Property, which are available at a cost of US$699.
If it will be possible for you to assist us, we would be most grateful. We suggest that you meet with us in person in Lindon, and that during your visit I introduce you to the representatives of the Santa Cruz Organisation.
Please call me at your earliest convenience. Time is of the essence in this matter; very quickly the U.S. Government will realize that the Federal Reserve is maintaining this amount on deposit, and attempt to levy certain depository taxes on it.
Yours truly, etc.
Darl McBride
These sigs are more interesting tha
Where can I download the virus?
I'll do everything to bug sco.
M
Anyone whose computer is infected with this worm is violating our IP! You must pay $699 for a license!
Now, with a proper sed'ing
Trolling using another account since 2005.
> I thought the worm was set to start the DDOS on February 1. So why is SCO
> showing a DDOS right now?
I guess some people have been playing with their system clocks to get around lame trial-period software?
I guess its time for me to get that windows machine back up and running...
hmm on second thought, thousands of windows computers at work and just as many ignorant email users...
As the article said, I hate to see anyone stoop this low, but SCO had it coming. You can anger windows users, because they don't know any better, but Linux users? Well we fight back!
"why don't you just slip into something more comfortable...like a coma!"
Well maybe they didn't write it, but Im sure there is some SCO code in it.
While some may consider that the virus is "derived" from SCO intellectual property, it doesn't contain actual SCO code.
At some point, somewhere, the entire internet will be found to be illegal.
Obviously SCO has a lot of enemies out there right now, but it's always sad to watch someone stoop to this level.
Yes, it makes me very sad. Can someone hand me a hanky? I think I need some alone time to cry about this.
Sorry, that was me. I was trying to find out who wins the Superbowl and what the spread was so I can go bet at my bookie.
--Joe Sixpack.
Black and grey are both shades of white.
I never even knew that SCO owned any ships, never mind that one of them had been boarded and plundered by pirates.
This attack only helps SCO. They get sympathy. What do the worm writers get?
Sir, it is obvious you have little to no understanding of the 1337 script kiddie culture. In exchange for a DDOS attack, the worm writers get something called mad pr0pz, which is a form of honor and integrity among those in the community.
Server Error
The following error occurred:
[code=SERVER_RESPONSE_RESET] The server response could not be read because of an error. Contact your system administrator.
Please contact the administrator.
Woo-hoo ! I DoSed the SCO server with only one finger !
In Soviet Russia, our new overlords are belong to all your base.
Due to the speed of the modern information infrastructure, and the method by which this virus distributes itself, a considerable number of copies will have crossed the international dateline several times during transmission. For these, it is indeed February 1st, and therefore these viruses are functioing correctly. Of course a similar number will have crossed in the other direction, so we can expect to see new DDOS attacks on SCO at least until February 5th
If I seem short sighted, it is because I stand on the shoulders of midgets
Well, at least SOME type of Doom has been released... (even if it's not D3)
Rock!
apparently they switched from SCO UNIX to Linux in August 2002...
Remember, SCO cant see the distinction!
Is there anywhere I can go to get this virus?
Thief (targeting a pistol): Money, quickly!
Real Human Being (With a disarming smile): Mr Thief, Would you like to visit a court with me in order to resolve our conflict? I just happen to have some megabucks to spend for our litigation!
I'm sure they just gave themselves a license and wrote off the $699 on their taxes as a business expense ;)
But they need someone to DDoS IBM before they can figure out what code...
"Now gluttony and exploitation serves eight!" - TV's Frank
<sarcasm>
Quick, call the Patriot Act Police, some linux using terrorists wrote some code to ping that good God loving American company, The SCO Group! Abusing them with their own IP, the gall of it!! </sarcasm>
Doing DDoS on SCO just makes people feel sorry for them. They do not deserve that.
Besides SCO doesn't need the internet as they hardly can expect to have any real customers left.
Nowdays their business model is based purely on litegation. To my knowledge lawsuits are delivered by hand, so a DDoS would not disturb their business at all.
God is REAL! Unless explicitly declared INTEGER
[Darl] You see the stock yesterday? Kept going down. And hard. I even heard the analysts are onto our scam.
[Bob] Yup. It's getting just plain impossible to dump this stock anymore. What do we do? We got hammered on that 'dog ate our homework' line on our court filing last week. What do you think David? You guys did a bang up job making it look like Gore won Florida when there was no way a recount would ever show that. Hell, half the country still believes that 'selected, not elected' crap.
[Boies] Well I always say, play offense, not defense. We need to get the public back on our side. Control the spin. You know, make us out to be the victim again. It plays into these schmucks capability for pity.
[Darl] I got it! What if we were being attacked by evil hackers again? (laughs)
[Boies] Bingo. What can your geeks whip up quick, Darl?
[Darl] Well they sure ain't coding operating systems and their time spent looking for code violations in Linux has been a big waste. Maybe we could put them on making some sort of johnson or trojan or something that attacks our Internet connection. Bench, you think that'd help our numbers?
[Bob] Might. What'da say Dave?
[Boies] Hell, it'd be perfect! I'd bet it'd not only turn the PR our way, but I could put that half-assed son of Hatch's to business suing Internet service providers for causing our business damage. And if we totally bomb in court with this asshole judge, we'll just claim the whole company imploded cause of the Internet hacks and sue the pants off of every provider.
[Darl] Love it! Hey, let's call it some prophetic name like SCO doom or our doom like those bozos at the church are always yacking about end of world crap. Should get them riled up too. And hey, it might just be true for SCO! To the bank, buddies!
DDOSing SCO's web site only prevents the general public and groklaw.net from access to their ongoing press releases and Darl's bio -- I mean -- does www.sco.com get traffic for any /other/ reason? People checking for Openserver upgrades and enhancements?? The latest download of Skunkware?? A fresh copy of the $699. Linux Licensing form???
Some time ago I had a hope that Microsoft will be broken by the weight of justice and right plus weight of users' dissatisfaction...
Troll McBride: muahhaha! now time for another press release!
Agent MyDoom: but how will your make a press release... if you are unable to speak?
Troll McBride: you can't stop me I am the one!
Agent MyDoom: well there's me
Agent MyDoom2: and me
Agent MyDoom3: and me
Agent MyDoom4: and me
Agent MyDoom5: and me
Agent MyDoom6: and me
*fight ensues*
But you can't keep a good troll down, and MyDoom is defeated by Troll McBride's pure force of will.
--cut to the alternate world where charaters now have different roles --
Troll McBride: source code? there is no source code.
Novell: it's not in your OS my love.
Troll McBride: but it's just a game
Novell: so is this, have fun.
Troll McBride: alright, alright, let us see where this goes. You two, get the source code.
*two main lawyers go all sinister and transparent and sink into the ground*
Linus: that's a nice trick.
Tux: I cannot go back! *slides away ala tux racer*
IBM: I'll handle them. *linus and perens run after tux*
Troll McBride: handle us? you'll handle us? you know your unix heritage had much more respect. *signals to other lawyers*
*lawyers release a barrage of photocopied source code, and discovery requests at IBM*
*IBM holds up judges orders for real evidence, shit flying through air is halted and falls to the ground*
Troll McBride: o..k.., you have some skill - FUD him.
*the PR men hiding in laywers suits begin to duck and weave their PR attacks*
NEXT EPISODES OF ABSURD-I-SCO-TRICKS HAVE YET TO BE FINALIZED... KEEP WATCHING.
There is no patch and there can be no technical patch. This thing propagates by social engineering -- the 'click here' vulnerability. It's not the RPC/DCOM worm. You'll need to patch people.
yea except that it infects windows machines :) not linux
So then they run through all possible IP addresses and throw out the ones doing a DoS (ie: Windows).
The rest are obviously in violation.
- - - - - - - - - - -
I am a programmer. I am paid to produce syntax not grammar. Deal with it.
The RIAA did it.
1) Attacks users of Kazaa
2) Attacks evil corporation on top and finally returns RIAA to their hard fought spot!
"We need a fourth law of Robotics: Stop Fingering My Wife"
That is like, the silliest thing I have ever heard. If you are not trolling, then I pity your utter lack of thought on the matter.
/. really needs a "-1, didn't get the joke" mod... ;-)
The international date line isn't some magical gateway that adds or subtracts from your date. It doesn't work like that.
Don't you wish your girlfriend was a geek like me?
Well, there must be some Linux code in it. I can't say what code, but my engineers are doing a source scan right now.
Since there is Linux code in the virus, even a small amount of Linux code, then the virus must belong to SCO, because SCO owns Linux.
Since SCO owns the virus, they're guilty, and they owe a lot of people a whole lot of money.
I just read abot the SCO connection on CNN (busy day today). Interesting symbolism, using Microsoft Windows vulnerabilities to attack a company that's trying to 'close-source' Linux.
-------- In Soviet Russia, "Soviet Russia" sigs hate Slashdot.