MyDoom Seeks to Destroy Antivirus Firms
Khoo writes "Worm writers are threatening to attack antivirus companies F-Secure, Symantec, Trend Micro and McAfee.
In the latest version of MyDoom--MyDoom.AE--the authors embedded a message ridiculing rival worm Netsky and promising to attack the antivirus companies."
Maybe they can destory Live Update so that Symantec can finally create a copy that isn't a resource hog.... wait....
*sighs*
nevermind
UID 1000000 is just around the corner.
The only way to destroy Anti-virus firm is to stop writing viri. The more the viri, the more $$$ for AV companies.
I have OS X and us users need to quit trash talking. To many of us don't use antivirus software. And, yes, despite it being an amazingly secure setup there are holes as in any system. So, lets not provoke the smart virus writers who can write one for OS X if they put enough time and effort in. Lets stay low key as long as possible
Evolution or ID?
We don't really want to boost the ego of those jacks, do we?
And hopefully, Taco won't repost the same story in a few days...
<sarcasm/>
Unfortunate but true. Just as WMD was used as an excuse for Iraq, Viruses will justify a new draconian Patriot Act II that really will do nothing to stop virus writers but will do everything to control law abiding citizens.
Take the cheese to sickbay, the doctor should see it as soon as possible - B'Elanna Torres, "Learning Curve"
This is the very reason why depending upon anti-virus software is dangerous. Anti-virus software causes people to become less careful about computer security. Becoming less careful about computer security because you have anti-virus software is something like driving less carefully because you believe that airbags will keep you safe in the event of a car accident.
Don't ever mention again internet and secure in one sentence. it isn't secure and never will be. Just as commuting to work will never be secure. There are only different levels of security: if you go by car (Windows), bike (Amiga ;)), bus (Linux) or train (OS X).
A DOS-attack isn't "quite mild" when your business depends on your internet connection (e.g. Amazone). Not to mention the bill for all that extra traffic.
A virus that performs a Denial of Service attack against the "automatic update" servers used to keep the client av software up to date?
You then have a virus that is attacking the 1 thing that can "defeat" it, thus the virus "wins" as it has effectivly knocked out the source of the antidote (providing the virus is able to spread at a very fast rate for the initial 12 or so hours).
There is quite a lot of research on the web regarding the speed at which viruses spread and the # of hosts infected in the first X hours, which makes for interesting reading.
To do it properly the virus shouldnt have any hardcoded IP addresses or domain names but instead seek the server name(s) from the (registry|av-binary|where ever it is stored). Other virus have failed in the past because l33t master coders were stupid enough to hard code a list of IP addresses.
A fast spreading virus that could do as described IMO would be a truely "successful" ground breaking virus, and it would certainly be interesting to see how the AV companies react to that.
(Im NOT suggesting, nor encouraging it to be done, just looking at an idea from a problem solving / technical implementation POV).
Jason
Do you want to use the antivirus product of a company whose network goes down due to a virus?
Any company's computers, even the best AV writers, are vulnerable to 1st day infections. Any company could get slammed if an unknown virus is introduced directly into their networks. So what would matter to me is not that they were taken down, but how quickly they are able to get their systems back online. That's indicative of how quickly they can get updates online and out to the rest of us who may be suffering the same fate.
-- If god wanted me to have a sig, he'd have given me a sense of humor.