New Worms Feed on MyDoom Infections
JJP writes "ZDNet Australia is reporting that two new worms, Doomjuice and Deadhat, are taking over computers previously infected by the MyDoom virus.
Apparently they try to uninstall the MyDoom virus and then take over the PC to start their own malignant work. Whilst the threat these two worms pose shouldn't be too big, both needing a MyDoom backdoor, it is still a novel way to spread a virus. In the Netherlands there is a newspaper reporting this proves MyDoom was initialy spread by organised crime in a dark plot to wage cyber-war and steal confidential data from our computers."
This reminds me of that old ad which opens with a guy was trying to hook up his laptop at a huge meeting to start a presentation. He is having problems getting things to work and people are yelling suggestions from the audience: "Try c: start!" or something like that. This goes on for some time with different people yelling various suggestions and then at the very end when it appears things are not going to work, someone yells: "get a Mac!" The ad then fades out.... I suppose for the Linux crowd, the yell could be "get a Penguin" or "get a boxen", but the sentiment is the same: Do something.....Do anything......but do not continue to use that unsecured Windows box. You are wasting your time and you are wasting my time and costing companies, businesses and governments big time.
Visit Jonesblog and say hello.
"In the Netherlands there is a newspaper reporting this proves MyDoom was initialy spread by organised crime in a dark plot to wage cyber-war..."
If organized crime was looking to steal data, all they had to do is ask people. Hundreds of people hand over their eBay, PayPal, and credit card information every day to phisher emails claiming to be from a legit company. Making a worm to steal the information isn't even necessary when the user is already the weakest link after being socially engineered.
Saskboy's blog is good. 9 out of 10 dentists agree.
The problem is that by creating a worm that cleans up the original malware worm, the fix is just as bad as the original virus. You're still using a lot of bandwidth that isn't yours, you're still sending out a program to change someone else's system without their permission, etc.
On the surface it looks like a good idea, but unfortunately it has a lot of serious drawbacks.
Who is John Galt?
These people STILL infected with MyDoom don't know the first thing about computer security. They would be MUCH MUCH better off with a Mac than with windows. All they probably do anyway is chat with their little friends on AIM and check their webmail.
And that's great, until Macintosh's become popular enough for viruses to be written for them (at which point its going to be a massacre). A guy I work with owns a Macintosh, and he brags about how he doesn't need to run any antivirus program and how he can open all attachments. If a virus like MyDoom was created for the Macintosh, how much you want to bet my coworker (and people like him) would get infected right away, because they aren't using common sense? Windows may be buggy, and windows may have a lot of security holes, but in this case, MyDoom does not take advantage of any of them MyDoom takes advantage of the traditional weakest link in any security system, people.