When Malware Authors Combine Efforts

← Back to Stories (view on slashdot.org)

When Malware Authors Combine Efforts

Posted by CmdrTaco on Thursday December 9, 2004 @06:40AM from the you-don't-like-your-data-anyway dept.

An anonymous reader writes "Spammers, Hackers and virus writers are all teaming up according to some russian security researchers. This means that they reckon that weaknesses will be exploited in a matter of hours of being announced, rather thant the weeks and months that we're seeing now. Scary stuff."

7 of 306 comments (clear)

Min score:

Reason:

Sort:

All the more reason.. by farsideofthemoon · 2004-12-09 06:43 · Score: 2, Informative

to lock down your enterprise with a File surveillence and security tool like i:scan... know what's happening before the user does...

--
I know what's on your hard dr
Groups of Attackers by teiresias · 2004-12-09 06:45 · Score: 2, Informative

I don't think more people cooperating will really find new exploits, they will simply explore the ones they have already found. So, instead of an exploit coming out and than a derivative coming out a couple weeks later, we will see four or five derivates in quick succession of the original exploit.

Also, what "new" cooperation tools are malware writers using to communicate with each other? I'm fairly sure that IRC, Instant Messaging, VoIP, Bulletin Boards, and e-mail have all been standard communcation tools for these people. Maybe the groups now have more members.

--
-Teiresias
Re:Uhm.. You know those russian security experts by chris88 · 2004-12-09 06:48 · Score: 3, Informative

Kaspersky is to blame, not Russians in general.

They also predicted "Internet Terrorist Attack" in August.
Move along, nothing to see here by worktheweb · 2004-12-09 06:57 · Score: 3, Informative

These are the same guys who were predicting an "Internet Meltdown" a little while back -- I'd take their prognostications with a grain of salt ...

http://it.slashdot.org/article.pl?sid=04/08/25/1 53 3213&tid=172&tid=95&tid=1
Re:Security Through Obscurity by Cid+Highwind · 2004-12-09 07:42 · Score: 2, Informative

Specific descriptions of a new vulnerability let sysadmins deploy new IDS/firewall rules to detect and block malware, write scripts to scan for infected hosts on their network, etc. Non-specific "there's a new remote-root hole in openSSH, but we're not telling you what it is" announcements just give people ulcers.

--
0 1 - just my two bits
Et tu, menkhaura? by Anonymous Coward · 2004-12-09 07:47 · Score: 1, Informative

"C'mon, I know Slashdot is crawling with Windows users, wannabes and such, but this is getting offhand!"

Mistaking "offhand"(sic) for "out of hand" is acceptable on Slashdot, where people aren't very aware of such subtleties. But IN the general media?

(Off-hand means "casually dismissive", ie "I can't stand Fry's, their off-hand attitude is getting out of hand")
Protocols will have to get more resilient by Dr.+Manhattan · 2004-12-09 09:18 · Score: 2, Informative

I'm too scared to have my ssh server exposed to the raw net. Things like port knocking and so forth help, but suffer from reliability and resource problems. I created an authentication protocol that's correct by inspection and utterly immune to any attack short of actually finding out the secret key.
In these days of 0-day exploits, I just can't take the chance that someone will find a hole in ssh and create a Warhol-worm before I can install a patch. I sleep better now...

--
PHEM - party like it's 1997-2003!