Slashdot Mirror


A Worm's Worm

Carnildo writes "There's a new worm out, according to the Register, but one with a twist. This one, called 'Dabber', infects computers by exploiting a security hole in the Sasser worm."

5 of 345 comments (clear)

  1. Spyware and others by r.jimenezz · · Score: 5, Interesting

    Just thought about this... With the huge number of machines out there "infected" by spyware, adware and similar programs (and many of them without their users even knowing), how long will it be until a worm is written that exploits a vulnerability in one of these programs?

    --
    The revolution will not be televised.
  2. Remind Anyone of Blaster by erikharrison · · Score: 5, Interesting

    Gosh, this whole mess looks just like Blaster from down here in the trenches.

    I'm tech support for Tremendously Large ISP. From down here this looks just like Blaster did. Customers calling in complaining that their machine is restarting without their consent. And now someone has a follow up virus that attacks the virus - as some may recall there was a Blaster variant that patched systems AGAINST Blaster. This was terrible - if you got this variant inside a corporate network not only would your bandwidth use skyrocket, but since NAT tends to fubar Windows Update, the variant never managed to patch a system. God that was hell . . .

    It's almost enough to make you want to write a virus in revenge . . .

  3. Actually sounds like somebody trying to fix things by Ungrounded+Lightning · · Score: 5, Interesting

    This is an all new low. Now virus programmers will have to make their virus's better so they dont get infected by another virus.

    Actually, this sounds like somebody trying to make a disinfectant worm. Look at the description:

    - It only infects infected systems, using a flaw in the previous infection.

    - It cleans out the infection of the worm that it exploited, and several others.

    It does open a new backdoor. But while that might be preparation for some future malicious action, it might also have been the author leaving himself a way to fix things if his initial worm got out with a destructive bug. (Of course it could be the worm cleaning up signs of previous infections in order to hide itself and thus head off other cleanups.)

    I wouldn't be surprised to see, on further analysis, that it does other antimalware things (like fix the flaw the other worms used).

    (Not to say that it IS somebody trying to fight virus with virus. But it might be interesting if it turns out that it is.)

    I think everyone should go ultra secure, the best firewall ever... Disconnect from the net. It would make this all alot easier on us.

    Which is exactly what the military does with some of its really secure stuff.

    Now if we can just get the Microsoft users to emulate them. B-)

    --
    Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
  4. Fun! by Ketnar · · Score: 5, Interesting

    This sort of reminds me when I wrote a counter-bug to combat an email worm that had infested an office building I was contracting to. Worked through the ever-so-lovely 'You don't have to really click the attachment for it to go off on you' bug in an older version of outlook.

    It sat and watched a users inbox for the big bug at the time and pretty much acted like a counteragent, the instant they showed up, it nuked them off the machine (inbox and all) and undid whatver they managed to do.

    Send one copy to everybody in the office, and instantly watch outgoing network mail traffic DROP back down to normal levels and my phone stop ringing.

    I seem to recall distinctly 'forgetting' to mail it to key people, however.. *cough* :)

    Would be a real shame if some of the geek-prowess around the OSS world were to start doing such counter-bugs. Alot of these backdoors, trojans, and whatnot, have gaping flaws in them because..well, guess. :P

    Just think:
    Infect > Disinfect > Patch > Scan nearby machines (proceed life cycle)> Local Self-remove

    Could be the next revolution. Don't bother patching or downloading, we bring the cure to YOU.. :)

    --
    My new top secret key -> C>N|KB
  5. Re:Ugh... by Rob+Simpson · · Score: 5, Interesting
    Of course, and its a sad comment on the state of computing today that this is a unique case. Human viruses are thoughtfully provided with their source code - exceeding even the requirements of the GPL - so they can be compiled by your cells.

    Yay for Free Software! (Achoo!)