Netsky Worm Variant Attacks P2P Services
ee_moss points out this Washington Post article (via Yahoo!), excerpting "The latest variant of the Netsky worm is directing infected computers to launch Web-based attacks against music- and file-trading Web services such as Kazaa, taking down at least one company's Web sites in the process. The worm, the 19th version of a bug that made its debut in February, is also targeting some Web sites that offer computer programs designed to illegally break or bypass copyright controls on software programs."
Anyway, I know this sounds painfully obvious, but why don't folks take the simple step of running an antivirus program? I have McAfee VirusScan and I also have AdWatch running full time. Between the two, I feel fairly well protected from viruses and adware/spyware.
And then you have folks that click on just about any attachment - from the article:
The experts advised people not to click on strange attachments in e-mail, which can activate the worm, and to update their antivirus software frequently to ward off new threats.
I have an agreement with family and friends to embed a codeword in any document that contains a file attachment. It is usually a fairly esoteric word not likely to come up in casual conversation. However, I have damn near been fooled by a few emails because they seemed very legitimate. Oh, well.
Anyway, I am preaching to the choir....and ranting a bit.
Happy Trails!
Erick
http://www.busyweather.com/
The experts advised people not to click on strange attachments in e-mail, which can activate the worm...
Of course, until you can teach people to be intelligent, these types of viruses will continue to circulate through the net.
Wireless News www.DailyWireless
The post doesn't say it, but it definitely insinuates that the nefarious RIAA and possibly the BSA is behind this latest worm. Unfortunately, that kind of knee-jerk reaction is counterproductive to finding the real virus spreaders.
Someone is obviously trying to implicate the content monopolists in this by targeting the sharing networks. It is highly unlikely that the monopolists are doing this themselves because they have too much to lose by carrying out such an attack.
Someone in the computer community is doing this and is hurting everyone in the process. Sometimes the geek community is its own worst enemy.
I have been pwned because my
I've noticed more and more windows users have to install nearly 1/2 a dozen or so programs to protect their PCs. Between Ad-aware, Spybot S&D, Norton/AVG/McAfee and a host of others, I ask... Why Bother? It's the reason I went 100% linux at home, no worries about such crap.
Ubuntu- Linux for human beings.
I don't really understand this virus, or more precisely, the people who wrote it. Although I can not speak from experience, I would have to imagine that spreading virii over P2P networks is like shooting fish in a barrel (hotpr0n.mpg.exe would probably take down half the computers on kazaa). So why are they trying to spread it through e-mail? I would think that since there is no challenge involved in spreading it that they would be moralists (like the people who disguise a program that reports people's ip address as warez) but they are not doing it over the networks themselves so they would have a potential for "collateral damage". Is the writer just a random skript kiddie or am I missing something?
_____
Thank you.
It can't be long before e-mail becomes so suspect that self-mailing viruses simply won't spread because everybody is so afraid of their inbox. It will be interesting to see where viruses go then. IM would be my first bet, as well as P2P networks, vulnerabilities in certain *cough* OSes we've already seen, and network shares but there has got to be other methods I'm not thinking of. This could be really interesting to watch. I've never taken the hard line view towards viruses that I see here, I see them as massive experiments with data and as kind of a spectator sport. Of course that could be because I've never really had a problem with them...
I have suggested they try linux. But they are nearly at the point of no return. They fear computer, they fear the hassle, virus scans, repair etc. What's the world coming to.
If they are not dependent on any Windows-only software (that won't run in Wine) then why not offer to set up Linux for them? Give them Gnome or KDE with icons for everything they need on their desktop and in their "start menu." (And no other icons)
And tell them that you will set it up so the only things they have to look at are the things they need.
Then ssh into their computers anytime an update is necessary.
I would imagine they would be pretty happy with a computer that was less prone to virus attacks.
Have you tried Linux yet?
An antivirus program only finds known viruses, or variants of known viruses that trigger some common rule. They are useless against new viruses, particularly rapidly spreading new viruses.
Remember how quick the media was to turn on the linux community when a worm appeared to be targeted at SCO.
Let's show we are a couple notches above the media here and give this some time, maybe we can take this thing apart and make sure of its TRUE intended victim. Not to say I'd put it past the RIAA, but we should make sure before flinging accusations.
The geeks may have jumped ship - High schoolers & students at humanities schools still use it... it has an easy to use interface, and there's a lot of files available on it. My sister, a freshman in college, made a comment to me yesterday [talking about the chances of getting caught d/l music and movies] - "Well I downloaded a movie, but I deleted it afterwards so they couldn't catch me or know I downloaded it". Most of her friends have similar logic... It's not just grandmothers :)
I think it's because most virus writers don't have criminal inclinations. More like pranksters.
Oh, and if a virus does `real' damage, then they can forget about getting off the hook if they're caught. Someone will throw a book at 'em if they're really nasty (and aren't just kidding).
"If anything can go wrong, it will." - Murphy
Public Linux servers have been hacked, to be sure. But this is a much different thing from discovering a new worm every week floating around the Windows world.
To hack into the Gentoo, Gnome, Debian and GNU servers, the crackers had to sit down and work at it. It didn't come for free. But write a new worm variant and several million p2p and outlook users will deliver it to your victims for free.
Think of your home's security. Anyone with a sledgehammer can break into your home, regardless of the quality of your deadbolts. That's what happened to those servers. But in the windows world we get a bunch of houses with hollow veneer front door with a brass flip latch for a lock, and no back door at all, just a wide open portal.
Even with a steel door and twenty deadbolts, eardrum destroying alarm, and a pair of Rottweilers, you could still get broken into. But that's no reason to encourage the burglars with cardboard doors and a lawn sign that says "if it's not too much trouble, could you please not break into my home tonight".
Don't blame me, I didn't vote for either of them!
Ya, but what do you do when all of the Windows machines they've failed to keep virus free start clogging your core routers with virus traffic?
how many people have jobs because of spammers and computer infections?
The Kruger Dunning explains most post on
Because someone who didn't know better opened the attachment.
I've been getting delivery failure e-mails over the last few days because my e-mail addy is in their address book. And believe you me, I checked every conceivable virus scanner on the web.
The specific worm in question is Worm.SomeFool.Gen-2 , according to the last dozen or so messages.
Just because you can mod me down, doesn't mean you're right. Shoes for industry!
Great explanation of just how irresponsible certain software manufacturers are being.
A lot of the replies you're getting are in the vein of:
"But you don't have to agree to the EULA"
and "What about OSS"
Okay guys, here's the difference:
A MS EULA is like me going out, buying a house, and after closing on the house I come home to find a big sticker on the door that says,
"by breaking this seal you agree to the following terms:
-You do not really own this house, you're actually leasing it from us.
-We are not responsible if this house turns out to have numerous major problems that we didn't tell you about.
-You may only use this house for purposes X, Y and Z, any other use is strictly prohibited.
-etc, etc, etc
It's clearly stupid and not a legally binding contract. I can rip that sticker off my door without a worry in the world. The same needs to be true for software.
A good example is disclaiming any and all warranty:
This needs to be done BEFORE I give you my money.
It's like a car manufacturer trying to sell a new car with absolutely no warranty by sticking a note in the glovebox when you're driving it off the lot.
The deal is already done. The note means nothing. The manufacturer is still responsible for all normal, implied warranties.
Now what about OSS?
First off, I'm going to talk only about the GPL. (Other licenses are typically very similar.)
Now the key thing is that there are some very big differences with GPL'ed software:
1) It's free. Free things are typically not legally required or assumed to carry warranties. There also don't seem to be many laws about disclaiming liability when I give you something for free. There's nothing that says the item must be provided in any form other than "as-is", unlike commercial/retail sales. I can give you a car with rusted out brakes for free and not have to fix them for you. If I was a car dealer, charging you money, I might have to fix those brakes (unless there was some agreement made about them at time of sale).
2) The GPL is not a EULA. You do not have to agree to the GPL to use a GPL'ed program. A lot of people have trouble understanding this one. There are even programmers who make the GPL pop up when you run their program and force you to check "I agree". These people are all wrong. The GPL only governs redistribution. As such, it's not trying to get rid of any rights that you would normally have. In order to gain a right that you wouldn't normally have (redistribution of someone else's copyrighted work), you must agree that this new right is subject to a set of conditions. If you do not agree, you do not get those rights, not because the GPL says you don't, but because copyright law says you may not redistribute others' work without their permission.
Life is too short to proofread.