Slashdot Mirror


MyDoom Seeks to Destroy Antivirus Firms

Khoo writes "Worm writers are threatening to attack antivirus companies F-Secure, Symantec, Trend Micro and McAfee. In the latest version of MyDoom--MyDoom.AE--the authors embedded a message ridiculing rival worm Netsky and promising to attack the antivirus companies."

22 of 284 comments

  1. Live Update by UID1000000 · · Score: 4, Insightful

    Maybe they can destroy Live Update so that Symantec can finally create a copy that isn't a resource hog.... wait....

    *sighs*

    nevermind

    --
    UID 1000000 is just around the corner.

  2. Destroy ?? by MHleads · · Score: 5, Insightful

    The only way to destroy an Anti-virus firm is to stop writing viri. The more the viri, the more $$$ for AV companies.

    1. Re:Destroy ?? by Anonymous Coward · · Score: 0, Insightful

      "viri"

      Good going, you even failed to spell an inexistent word "correctly"!

    2. Re:Destroy ?? by Anonymous Coward · · Score: 4, Insightful

      They already stopped writing "viri" and "virii", because most people who aren't affecting some ridiculous air of pseudo-intelligence write viruses instead.

      Anyway, true viruses are damn hard to find nowadays. Most AV programs protect against trojans and worms, not file-infecting viruses. Any AV company worth a damn has turned into a general security company (take note that Symantec also owns bugtraq, for example). Long as people break into places, we're going to have locks....

  3. Re:Just a bunch of horse crap... by millahtime · · Score: 4, Insightful

    I have OS X and us users need to quit trash talking. Too many of us don't use antivirus software. And, yes, despite it being an amazingly secure setup there are holes as in any system. So, let's not provoke the smart virus writers who can write one for OS X if they put enough time and effort in. Let's stay low key as long as possible.

  4. Thanks, guys by Anonymous Coward · · Score: 1, Insightful

    You turned every legit hacker out there into a potential terrorist. You're handing the net over to authoritarian politicians who are not interested in real security or the free flow of information. Fucking idiots. Why don't you burn down libraries for chump change? Same thing...

    1. Re:Thanks, guys by eclectro · · Score: 4, Insightful

      Unfortunate but true. Just as WMD was used as an excuse for Iraq, viruses will justify a new draconian Patriot Act II that really will do nothing to stop virus writers but will do everything to control law-abiding citizens.

      --
      Take the cheese to sickbay, the doctor should see it as soon as possible - B'Elanna Torres, "Learning Curve"

  5. N3ws for n3rds, Stuff best left unheard ... by Delirium+Tremens · · Score: 4, Insightful

    Maybe, just maybe, we should not give those guys any free publicity... Wouldn't this actually be a good news to skip and leave untold?
    We don't really want to boost the ego of those jacks, do we?

    And hopefully, Taco won't repost the same story in a few days...
    <sarcasm/>

  6. Mild threat by tmoore09 · · Score: 2, Insightful

    The threat of a DOS attack is quite mild compared to actually writing truly malicious code. Something along the lines of repartitioning the hard drive and reformatting the drives upon reboot. The viruses that we have seen have been mainly to slow or disconnect the victim from the network. I feel there could be worse scenarios that could happen besides what we have seen thus far.

    1. Re:Mild threat by Patrik_AKA_RedX · · Score: 4, Insightful

      A DOS-attack isn't "quite mild" when your business depends on your internet connection (e.g. Amazon). Not to mention the bill for all that extra traffic.

  7. Re:all your base are belong to us by Anonymous Coward · · Score: 1, Insightful

    Two words: Script Kiddy.

    Clueless lusers also help propagate this crap, any halfassed attempt at virus creation will result in a significant number of infections, because users have become increasingly dim-witted and moronic as the years have progressed.

    Well more availability of internet access helps too I guess, but I prefer the former hypothesis.

  8. Why are all these Anti-Virus people using windows? by jellomizer · · Score: 2, Insightful

    Just so they can use their products to protect themselves from viruses. I would trust an Anti-Virus Company more if they were running OpenBSD or some other Secure OS. Yea sure they make anti-virus for Windows but that is because they know that Windows is insecure. Besides if someone wants a virus to spread they just kill the updates for the anti-virus.

    --
    If something is so important that you feel the need to post it on the internet... It probably isn't that important.

  9. Anti-Virus software is dangerous by Secrity · · Score: 5, Insightful

    This is the very reason why depending upon anti-virus software is dangerous. Anti-virus software causes people to become less careful about computer security. Becoming less careful about computer security because you have anti-virus software is something like driving less carefully because you believe that airbags will keep you safe in the event of a car accident.

    1. Re:Anti-Virus software is dangerous by rednip · · Score: 2, Insightful

      Becoming less careful about computer security because you have anti-virus software is something like driving less carefully because you believe that airbags will keep you safe in the event of a car accident.

      But Air Bags can save your life, I don't feel right riding in a car without a full set. While some people who use Anti-virus may use their systems unwisely, I however suspect that most people who take the time to install, buy and update the license, are more aware of the problem, not less. The real problem is people who don't care.

      The thing that worries me the most about Anti-virus is automatic updates, timed system scans, with unattended repairs, just think that if the update server was compromised (yea, I know *really* far fetched). A black hat could change the definition to read "destroy all .exe files" and/or .jpg, etc. I have my calendar remind me once a month to do Anti-virus and Spybot system scans, but I will not set them to automatic.

      --
      The force that blew the Big Bang continues to accelerate.

  10. Revamp IT infrastructure by wimbor · · Score: 2, Insightful

    Sometimes I wonder if it wouldn't be cheaper to just revamp the whole IT infrastructure.

    Let's say all companies in all countries, the governments and the IT suppliers join hands and pay into one large "IT fund" or donate research time and development for a joint new technology.

    At the same time governments all over the world pass legislation to increase the responsibility of IT vendors like e.g. Microsoft (faster bug fixes required by law, free bug fixes, longer free support, better and safer Windows code, ...) and up-to-date legislation to prosecute virus writers and so on.

    We use these measures to:

    1) Get rid of x86/WinTel and all its legacy technology and software (no more ISA, no more IRQ, no more Win/DOS compatibility, ....) and move to something decent (PowerPC? Heck, even MS goes to PowerPC for the future XBOX, so why not for PC's...)

    2) Get rid of Windows altogether and create a decent replacement for it without legacy and backwards compatibility

    3) All governments buy Apple machines and Mac OS X at huge discounts: already a huge step forward in security of our personal information and files.

    I think this would enhance competition, drive the economy forward, foster future new developments and maybe get rid of monopolies and get decent competition in the IT market... and be a lot cheaper than the combined cost of all anti-virus licenses, and hidden costs of lost productivity and fall-out of current attacks...

    I know... I know... I'm dreaming eh... Some forces would be against this... Damn....

  11. Internet=insecure by j0kkk3l · · Score: 3, Insightful

    Don't ever mention again internet and secure in one sentence. It isn't secure and never will be. Just as commuting to work will never be secure. There are only different levels of security: if you go by car (Windows), bike (Amiga ;)), bus (Linux) or train (OS X).

  12. Re:think about it.... by leonmergen · · Score: 2, Insightful

    Would you hire a security company whose office broke down after 500,000 people started throwing rocks at it?

    Yes, I would, it's nothing they could prevent.

    --
    - Leon Mergen
    http://www.solatis.com

  13. Has anyone thought about this.. by Anonymous Coward · · Score: 3, Insightful

    A virus that performs a Denial of Service attack against the "automatic update" servers used to keep the client av software up to date?

    You then have a virus that is attacking the 1 thing that can "defeat" it, thus the virus "wins" as it has effectively knocked out the source of the antidote (providing the virus is able to spread at a very fast rate for the initial 12 or so hours).

    There is quite a lot of research on the web regarding the speed at which viruses spread and the # of hosts infected in the first X hours, which makes for interesting reading.

    To do it properly the virus shouldn't have any hardcoded IP addresses or domain names but instead seek the server name(s) from the (registry|av-binary|wherever it is stored). Other viruses have failed in the past because l33t master coders were stupid enough to hard code a list of IP addresses.

    A fast spreading virus that could do as described IMO would be a truly "successful" ground breaking virus, and it would certainly be interesting to see how the AV companies react to that.

    (I'm NOT suggesting, nor encouraging it to be done, just looking at an idea from a problem solving / technical implementation POV).

    Jason

  14. Re:think about it.... by Tenebrious1 · · Score: 4, Insightful

    Do you want to use the antivirus product of a company whose network goes down due to a virus?

    Any company's computers, even the best AV writers, are vulnerable to 1st day infections. Any company could get slammed if an unknown virus is introduced directly into their networks. So what would matter to me is not that they were taken down, but how quickly they are able to get their systems back online. That's indicative of how quickly they can get updates online and out to the rest of us who may be suffering the same fate.

    --
    -- If god wanted me to have a sig, he'd have given me a sense of humor.

  15. Re:all your base are belong to us by mistersooreams · · Score: 2, Insightful

    Let's not over-simplify things.

    For a start, not everyone that writes a virus is an idiot. Yes, there are hundreds of script kiddies re-using someone else's virus code, but somewhere down the line, there's a black hat who is coming up with some pretty smart code. Let's not group together all virus writers as idiots and thus underestimate the threat they pose, which is probably greater than ever.

    Secondly, they may have little command of the English language, but there's a fair chance they are not native English speakers. The majority of new viruses these days seem to be emanating from Russia, China, and South Korea (by no coincidence, the relatively unpoliced areas of the internet). Don't take their poor English syntax as a sign of stupidity!

    It seems we may be in grave danger of tarring all virus writers with the same brush. These guys may be black hats but they are not all stupid. Let's not leave ourselves vulnerable by assuming that they are.

  16. Re:Viruses are boring... by ppswede · · Score: 2, Insightful

    That is also the reason no such viruses infect computers on a large scale - just like parasites in nature. A parasite that kills its host and prevents it from spreading will in effect limit its own spreading of genes/offspring... Now, a virus that spreads epidemically like the recent ones have, and at a given point destroys boot sectors or partition tables, now that would be funny..

  17. Re:Thoughts and musings on releasing malicious cod by rewt66 · · Score: 2, Insightful

    I know this sounds paranoid but **** happens.

    Yeah, well, you are talking about regimes where the consequences of being discovered are a certain and painful death, I think being paranoid is probably pretty good advice...

    But XORing against a random byte stream is not very good advice, because it is much more difficult than you might expect to generate such a random byte stream. Hint: The random number generator that comes with your compiler is not good enough.
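
Added example, not part of the thread or any poster's code: it illustrates the last comment's point that a library random number generator makes a poor XOR keystream. The generator is modelled on the sample `rand()` printed in the C standard (an assumption about which generator a compiler ships), and the message, seed and function names are constructed for the demonstration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Generator modelled on the sample rand() in the C standard (32-bit state). */
static uint32_t state;
static unsigned char next_byte(void) {
    state = state * 1103515245u + 12345u;
    return (unsigned char)((state >> 16) & 0xff);   /* low byte of rand() */
}

/* XOR buf in place with the keystream for `seed`; encrypts and decrypts. */
void xor_stream(uint32_t seed, unsigned char *buf, size_t n) {
    state = seed;
    for (size_t i = 0; i < n; i++) buf[i] ^= next_byte();
}

/* Bits 16..23 of the state depend only on the low 24 bits of the seed, so
 * there are just 2^24 distinct keystreams. Try them all against a known
 * plaintext prefix. Returns 1 and stores an equivalent seed, else 0. */
int recover_seed(const unsigned char *ct, const unsigned char *known,
                 size_t klen, uint32_t *found) {
    for (uint32_t s = 0; s < (1u << 24); s++) {
        size_t i = 0;
        state = s;
        while (i < klen && (unsigned char)(ct[i] ^ next_byte()) == known[i]) i++;
        if (i == klen) { *found = s; return 1; }
    }
    return 0;
}

/* Constructed message and seed (a clock-like value); not from the page. */
static const char SAMPLE[] = "Subject: constructed sample text for the demo";
#define SAMPLE_SEED 1099000000u

/* Encrypt SAMPLE, recover a working seed from 12 known bytes, decrypt.
 * Returns 1 if the whole plaintext comes back without knowing the seed. */
int demo(uint32_t *found) {
    unsigned char buf[sizeof SAMPLE];
    memcpy(buf, SAMPLE, sizeof SAMPLE);
    xor_stream(SAMPLE_SEED, buf, sizeof SAMPLE);
    if (!recover_seed(buf, (const unsigned char *)"Subject: con", 12, found))
        return 0;
    xor_stream(*found, buf, sizeof SAMPLE);
    return memcmp(buf, SAMPLE, sizeof SAMPLE) == 0;
}

int main(void) {
    uint32_t s;
    printf("recovered=%d seed=%u\n", demo(&s), (unsigned)s);
    return 0;
}
```

An XOR pad only protects a message when it comes from an unpredictable source such as the operating system's CSPRNG, is as long as the message, and is never reused; a seeded library generator offers none of these.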