Slashdot Mirror

← Back to Stories (view on slashdot.org)

"Witty" Worm Wrecks Computers

Posted by timothy on from the your-ruse-your-clever-trick dept.

An anonymous reader writes "A new Internet worm wriggled across the entire Internet in the span of a few hours Saturday morning to all computers running several recent versions of firewall software from Internet Security Systems, including BlackICE and RealSecure, according to this story at Washingtonpost.com. The flaw that Witty exploited was discovered Wednesday by eEye Digital Security. The worm overwrites data on the first few sectors of the victim's hard drive, making the machine virtually ubootable and potentially destroying much - if not all - of the victim's data." Update: 03/21 02:18 GMT by T : Reader Jeff Horning points out that eEye actually disovered the worm on the 8th of March, and came up with a fix the next day.

25 of 587 comments (clear)

  1. One question by slash-tard · · Score: 4, Funny

    How can we blame M$ for this?

    1. Re:One question by dicepackage · · Score: 4, Funny

      Or better yet blame SCO.

  2. fp by itallushrt · · Score: 2, Funny

    Insert "witty" first post comment

    1. Re:fp by Anonymous Coward · · Score: 4, Funny

      Worms? *rubs ass on carpet*

      Ahhhh~

  3. Come on.... by karlm · · Score: 4, Funny

    Do you really expect us to believe more than ten people worldwide run Windows on their firewalls? ;-)

    --
    Copyright Violation:"theft, piracy"::Anti-Trust Violation:"thermonuclear price terrorism"<-Overly dramatic language.
  4. Say it With Me Now, Folks... by shadowcabbit · · Score: 0, Funny

    FUCK!

    I just now (10 min ago) plugged my laptop into my brand new DSL modem... Now I have to install the antivirus program before rebooting... Shit shit shit...

    I propose we introduce the death penalty on the sick motherfucker who wrote this fucking piece of shit virus. FUCK!

    (And no, I haven't watched any Tarantino films lately)

    --
    "Why Subscribe?" Good question...
    1. Re:Say it With Me Now, Folks... by Anonymous Coward · · Score: 1, Funny

      Homer: Kids, would you step outside for a second?
      [the kids run out]
      [standing up] F --
      [a church organ plays a chord; birds fly away; everything stops]
      Ned: Dear Lord! That's the loudest profanity I've ever heard.

  5. Now that's powerful by CGP314 · · Score: 4, Funny

    Most infected computers will have to be rebuilt from scratch unless their owners instead decide to buy new ones

    I didn't know worms were so powerful now that they could melt a computer into a pile of toxic sludge. : /


    -Colin

  6. Re:Stick to hardware routers and firewalls... by Frambooz · · Score: 5, Funny
    "Although they ain't perfect, at least they're not running on your computer. Yikes."

    People would be much better off with hardware versions of Internet Explorer and Outlook (Express) in that respect. Yikes.

    --
    No encryption can withstand the power of the Lucky Guess.
  7. This is a perfect time to promote the expression by Eudial · · Score: 5, Funny

    "FGTRGDI" (Feels good to run gnu/linux doesent it?)

    More cryptic acronyms to the people!

    --
    GAAH! MY PRINTER IS ON FIRE!!! PUT IT OUT! PUT IT OUT!
  8. Avoiding Viruses and Trojans by RGautier · · Score: 4, Funny

    Now that you've got yourself a computer system at home, you'll want to protect it from the evils of the Internet. Because Operating Systems are chock full of holes just waiting to be exploited, you should, at a minimum, take the following steps... Step 1. Go out and buy a firewall product for your machine. Also pick up some virus protection software. Step 2. Ok, now install the firewall software... Oh......Damn It!

  9. Re:Stick to hardware routers and firewalls... by berniecase · · Score: 1, Funny

    I should get to work on that. Yikes! ;-)

  10. Or if you prefer... by Big+Sean+O · · Score: 4, Funny

    Newspapers, magazines, letters, and stamps.

    How 1980s. Yikes.

    --
    My father is a blogger.
  11. Re:Imprecise! by Stinking+Pig · · Score: 2, Funny

    I'm sorry that you read so poorly. Here, let me help by quoting the relevant sentence for you:

    "all computers running several recent versions of firewall software from Internet Security Systems, including BlackICE and RealSecure,"

    Google tells me Quantian is Knoppix/Debian.

    http://www.iss.net/products_services/blackice.ph p

    While there are RealSecure sensor nodes for Linux, the desktop software being referred to here is also a Windows product.

    In other words, BZZZT! Thanks for playing the troll today.

    --
    "Nothing was broken, and it's been fixed." -- Jon Carroll
  12. Serves 'em right. by ljavelin · · Score: 3, Funny

    Hey, serves these folks right! I mean who'd be stupid enough to have a Windows machine on the internet without any kind of firewa...

    err, never mind.

  13. My personal theory by PacoTaco · · Score: 3, Funny

    I bet this worm was written by a disgruntled network administrator sick of those "I'm being attacked" emails.

  14. Re:This is a perfect time to promote the expressio by Black+Parrot · · Score: 3, Funny


    > More cryptic acronyms to the people!

    That's MCATTP around here, chum.

    --
    Sheesh, evil *and* a jerk. -- Jade
  15. Re:Is ZoneAlarm Vulnerable too? by WreckDiver · · Score: 3, Funny

    Blue screens and memory dumps are normal Windows behavior. Nothing to be worried about.

  16. Re:This is an interesting one, almost biological by Clover_Kicker · · Score: 3, Funny

    There were some really evil viruses back in the day. Fumble: This virus will generate typing errors, every now and then. That is, if you press the "R" key for example, it will occasionally insert another letter like "E" in the text instead. dBASE: The dBase virus is very rare, but rather curious. It is clearly intended to garble dBase files, or rather any file with a name that ends in .DBF.

    If the virus is active in memory when a program writes to a .DBF file, it will garble all the outgoing data. However, when the data is read back later, the virus will correct the garbled data.

    There is just one problem. If the virus is detected and removed, the data will be useless because the virus will not be present to "de-garble" it when it is read back.

    There is a more harmful side to this virus. If an attempt is made to write to a .DBF file that is more that three months old, the virus will try to destroy the FAT and root directory on drives D:, E: .... Z: There is a bug in the code, however, so the destruction will be rather unpredictable. I have no idea why someone hasn't put an imaginatively evil payload in a modern virus.

  17. Shouldnt it be: by _ph1ux_ · · Score: 3, Funny

    "Witty" Worm Wrecks Workstations!

  18. Re:where are all the virus's that do real damage? by Fritz_the_Cat · · Score: 2, Funny


    Obviously you didn't read the article very well.
    It says that you need to rebuild your machine from scratch or buy a whole new computer.

  19. Re:Stick to hardware routers and firewalls... by Big_Al_B · · Score: 1, Funny

    Yet, you're on /.

  20. Re:Stick to hardware routers and firewalls... by Anonymous Coward · · Score: 1, Funny

    I wouldn't touch IE with a 10 foot piece of ethernet cable.

  21. If you can read this message by Chatmag · · Score: 2, Funny

    "Witty" Worm did not destroy your system.

    --
    Pete Carr Owner Chatmag.com
  22. Re:My WinXP box got hit with this by Axisted · · Score: 2, Funny

    It must be nice having benevolent cracker reflash your BIOS for you.