Slashdot Mirror
CA Warns Of Massive Botnet Attack
m4dm4n wrote to mention a story running on The Register which describes a coordinated malware attack designed to establish a massive botnet. From the article: "The attack involves three different Trojans - Glieder, Fantibag and Mitglieder - in a co-ordinated assault designed to establish a huge botnet under the control of hackers. Computer Associates reckons that access to the compromised PCs is for sale on a black market, at prices as low as five cents per PC."
Now witness the power of this fully operational botnet... :/
Welcome to Blackbeard's weapons emporium. You will see we have the finest collection of AK-47s, anti-aircraft missiles, and Airzookas. Oh, and over here we have wholesale zombie PCs.
Do I have to buy the whole network at 5 cents a PC? Or can I just buy say a dollar's worth? I wouldn't mind having 20 PC's... I can force all those PCs to join my network games of Quake and Unreal... finally I'll have people to play with... gasp... maybe even online 'friends'! Mommy will be so happy... in fact I think I'll go upstairs right now and tell her the good news!
---
Programming is like sex... Make one mistake and support it the rest of your life.
Maybe the SETI program should invest in some of this cheap computing power...
Glieder, Fantibag, Mitglieder?
These guys shouldn't be writing code, they should be writing Harry Potter novels.
access to the compromised PCs is for sale on a black market, at prices as low as five cents per PC.
Heck, that's five cents more per PC than SETI@Home pays me, and they won't eat me when I find them like the aliens will.
1. Get every compromised PCs to join the same botnet.
2. White-hat hack into the botnet.
3. Tell all compromised PCs to wipe their hard drives.
4. No more compromised PCs! Well... not for a while anyway!
Moving to a new platform/OS without knowing all the ins and outs, could be just as dangerous as staying with Windows.
I remember my early days with Linux, back when I used to futz around and actually made my machines less secure, before I learned a great deal more about the OS and its features.
I am not saying that switching is bad, I am just saying that it is important to know what you are switching to before making the switch.
Nobody should get caught with their firewall down holding their LAN cable in their hand...
If you ignore the other uses of a tool, does that make the tool less useful, or you less useful?
...at five cents per computer, they do have a lower TCO after all!
Weaselmancer
rediculous.
This is really starting to smack of organized crime. A friend of mine forwarded an article to me on this last night.
If you are an end user who just wants to use your computer, it may be time to look at getting a Mac. The bar for information security in the face of this level of organization is getting too tall for your average end user.
If you are in an enterprise situation and have a usage policy that allows users to use corporate equipment for personal banking on breaks, you may want to reconsider that policy.
Oftentimes, computer usage is negotiated by labor unions and you cannot simply change computer use policy out from underneath users. In this case, I wonder what the legal responsibilities of the company are to exercise due dilligence in protecting its end users?
If you haven't already done so, it's time for a lesson in defense in depth. That means IDS, IPS, Firewalls, Antivirus, Spam blockers, AV web proxies, etc. And because perimeter defense is all but a quaint memory in today's more agressive world, you may want to look at host-based firewalls and other AntiWorm systems.
Good luck. We all need it.
-Peter
. Penguins Surely Ca
I think it would be fine to move to OpenBSD, and keep all your settings on 'paranoid'.
:)
It does ship *secure* out of the box. No remote exploits.
Don't open any ports until you get the hang of it.
Either way, it won't be *more* dangerous than Windows
WhiteWolf666 an exBush supporter. All you new-school,compassionate,save the children Republicans can rot in hell
In a recent survey of BotNet administrators, hosts running Microsoft Windows operating systems were found to have at least a 40% less TCO than a comparable Linux offering.
"With volume discounts and integrated tools, we can now offer "managed" remote hosts as low as 5 cents per unit."
one better than mcleodeight
I would suggest using user levels.
regular customers would get level 1 or level 0. (Web and mail access, no incoming ports, etc.)
Then it would be a customer's decision to apply for a higher level. maybe pass a test, portscan, etc. sign something that gives them responsability for the services running on their box.
They could even make higher levels cheaper, as an incentive for customers to educate themselves. like level 4's get 15% off their monthly bill.
OK, these things need to be taken seriously, but any press release needs to be taken with a grain (or bag) of salt. Spyware is the threat flavor of the day, and the specialized programs (ad-aware/spybot/spy sweeper/etc.) are better at managing it than traditional A/V is (at least right now). Bots are scary. Need to reformat and reinstall (our instructions to students at this major university). Viruses you can just clean (mostly, but mytob is throwing a wrench into that clean division). You figure which is scarier.
CA is the only product which detects ALL three of the mentioned viruses as of this posting. Which is not to say that they're making this up, but I'd be more willing to believe it if it came from the Secret Service or CERT.
Confucius say, "Find worm in apple - bad. Find half a worm - worse."
Yes, you can secure a windows box.
But, does every end user need to be a damned security expert? Sorry, but the average Joe shouldn't have to know what the hell a host based firewall is, much less if it's a good one.
Sorry, cowboy, if you are looking for easy (Gentoo doesn't cut it) and reasonably secure, the Mac is a pretty good option.
Now, if you notice, the second part of my post dealt directly with defense in depth for enterprises that pay for real, professional security experts to mitigate the risks of running Windows. Windows can be managed, but it's expensive and requires more due dilligence than some other platforms that ship with a better default security posture.
Congrats on the purchase of your Venitian AMD64. When *you* get off your duff and provide support to *my* extended family's fleet of PCs at slash-rate prices, I'll list you as an alternative to buying an Apple.
Cheers!
-Peter
. Penguins Surely Ca
Swiss banks are so 20th century. They're expensive to open, and they actually cooperate with Interpol on money laundering.
Caymans are where it's at.
I am no longer wasting my time with slashdot
SpamForum
SpecialHam
And the new WildBiz.
WildBiz does not require registration; the other two do. Just enter the forums and look under "Proxy Lists". Typical ads:
First of all Hi to all of my seniorshooters here..
Having good collection of fresh Proxies and got DM ["Dark Mailer"
DM Latest version (Full) for $49
Fresh Proxies $50 for 500 proxies
dmandproxies@iamdns.com
61.246.226.69:3128@TUNNEL$GOOD$20297$Australia
81.33.4.70:3128@TUNNEL$GOOD$2953$Spain
61.246.226.69:3128@TUNNEL$GOOD$20297$Australia
218.208.247.81:3128@TUNNEL$GOOD$15219$Malaysia
219.144.194.74:1080@SOCKS4$GOOD$1125$China
66.154.54.215:80@TUNNEL$GOOD$4157$United States
66.154.54.224:80@TUNNEL$GOOD$1266$United States
We provide Hourly Updated Fresh Proxy Lists, which can be used for bulk mailing
That's how you market a botnet.
Yes, these operations are addressed to wannabe spammers. But the fact that they're advertised openly indicates how weak enforcement is.
>>is there any hope that all the bad things that are happening with Windows (and Microsoft), that they will change their ways and actually anticipate some of these problems that are occurring?
As great and infallible as non-Windows OSs are, these same problems exist with Linux, Mac et al, just on a much smaller scale. Having some 95% of all desktops, Windows is the natural target here.
The problem isn't Windows or Microsoft. The problem is the **users**. They open email attachments without questioning the source. They don't run anti-virus software (or don't maintain the subscription). They don't employ firewalls. They don't update and patch their systems. They don't scan their systems for adware.
Yes, IE allows adware to be installed. Yes, Windows has the RPC hole. Yes, the windows kernel is, has been, and most likely will always be, insecure. But there are steps that a user can take to protect themselves. I have used Windows since Win286 and I have never been infected with a virus, never been compromised by a worm and never been the victim of spyware. I'm not an anti-MS person but I don't blindly use their software. I have more *nix servers than Windows servers but you could hardly consider me a fanatic.
True, I'm an IT professional and have a greater knowledge of PCs than 99% of users out there (just like the rest of us here), but it's not rocket science to keep yourself protected.
If the Penguin Dream of taking over the desktop ever comes true, you can bet that viruses, trojans, adware, etc will become an epidemic on Linux just as it is on Windows.
Remember: dumb users are platform-independent.
Ryosen
One man's "Troll, +1" is another man's "Insightful, +1".