New Worm Installs Sniffer
fmorgan writes "Netcraft just posted a note saying that a new worm installs a network sniffer in the infected computers." When I read these things it kind of makes me wonder why it took this long.
Update: 09/13 22:47 GMT by T:
More innovation: Ant writes "The Register has a story about a piece of malware that 'talks' to victims. The Amus email worm uses Windows Speech Engine (which is built into Windows XP) to deliver a curious message to infected users.
The message reads: "How are you. I am back. My name is mister hamsi. I am seeing you. Haaaaaaaa. You must come to turkiye. I am cleaning your computer. 5. 4. 3. 2. 1. 0. Gule. Gule." ("Gule. Gule" is Turkish for "Bye. Bye". "Hamsi" is a small fish, like an anchovy, found in the Black Sea).
F-Secure has a copy of the sound file generated by the message."
"When I read these things it kind of makes me wonder why it took this long."
I often wonder the same thing. With all the different worms that infect unpatched Windows machines, why hasn't someone written one that effectively deletes everything on the machine just short of rendering itself unable to propagate?
I'm waiting for a virus that greps all your documents for each name in your address book.
If a document contains a person's name, email it to them.
I can see it now, salary spreadsheets and confidential memos flying around to the very people who are not allowed to see them...
How does it normally spread? ... or its variants?
What Windows vulnerabilities is it using?
Is it an email attachment? What is the attachment called?
For Christ's sake...
Love, Zaq
Perhaps it took this long because the bad guys were busy installing keystroke recorders so that they could defeat encrypted network traffic. Also, switched networks help keep the impact of the sniffing to the infected computer -- unless the network terminates at an infected computer -- thus making this less of a threat to large organizations using 100% switched networks...
-- @rjamestaylor on Ello
......ran Windows Update on all infected machines? Would people get pissed?
Would people get pissed? HELL YES.
I recall one particularly annoying weekend when my computer DVD player stopped working. Something screwed up or something - whatever it was, the damn video was not being decoded properly.
Tried everything I could think of. New Drive, New Drivers, endless newsgroup searching, blah blah blah to no avail.
Then it occurred to me that between the time that my DVD player last worked and then did not, I had installed Win2k SP4.
So just as a test I went and uninstalled the bastard, everything worked FINE after that - with the original HW/SW configuration.
So now I'm not installing SP4 because it BREAKS MY SYSTEM - not because I'm unaware of it, or too stupid to install it.
I don't need nor want some dumbass "I'm smarter than you, and doing this for your own good" 1337 prick trying to install SP4 for me.
...Also, I didn't know Buggalo could fly.
Once you know the characters that the password consists of, the possible combinations are very limited. You can try every combination in a few seconds.
Virus infects both Windows and Linux!