Slashdot Mirror

← Back to Stories (view on slashdot.org)

Zotob Worm Hits CNN and Goes Global

Posted by ScuttleMonkey on from the hack-the-planet dept.

securitas writes "The Zotob MS05-039 worm mentioned on Slashdot last Sunday may be the most recent virus that has gone global, hitting Windows 2000 desktops at CNN, ABC, the New York Times, and many others. The virus is spreading around the world rapidly as compromised systems become bots and propagate the worm, with reported outbreaks in Germany and China. InformationWeek has a decent article titled Zotob Proves Patching "Window" Non-Existent. Microsoft calls it a "low impact" threat and tells you What you should know about Zotob. Symantec has W32.Zotob.D removal instructions. Trend Micro thinks that this is a new, different worm altogether and says it is one of the fastest-spreading infections in history."

12 of 522 comments (clear)

  1. MS says.. by Turn-X+Alphonse · · Score: 5, Insightful

    It doesn't effect Windows XP, so Microsoft will just go "You should of updated". Which will lead to more sales of XP by the masses beliving they need the latest OS to "be safe".

    --
    I like muppets.
    1. Re:MS says.. by Anonymous Coward · · Score: 3, Insightful

      Well it's true, isn't it?

      I don't run vulnerable versions of the Linux kernel either, do you?

    2. Re:MS says.. by (startx) · · Score: 4, Insightful

      I don't run vulnerable version of the Linux kernel, but then again I don't have to pay to upgrade either.

    3. Re:MS says.. by DrCode · · Score: 3, Insightful

      Also, you don't have to upgrade everything, either.

  2. All of a sudden by inode_buddha · · Score: 5, Insightful

    All of a sudden, a worm makes mainstream news because it invaded CNN's network. I guess that is a sad indicator of what it takes to raise awareness.

    --
    C|N>K
    1. Re:All of a sudden by fdiskne1 · · Score: 4, Insightful

      I was in the process of testing the latest patches and was planning on expanding them out to the rest of the couple of thousand machines later in this week. I heard about the exploits available online when I woke up Sunday morning. I worked on Sunday making sure the couple of thousand machines we have were patched. By the time I was done, two viruses taking advantage of the vulnerability were in the wild so I got the signatures updated in case any machines were missed by the auto update I started. Today as I was about to leave, someone up the chain of command (not in a direct line of management with IT, thankfully) with no IT knowledge called, nearly in a panic. "My mother just called and CNN is calling this one of the worst viruses ever." I figured, "Yeah, she read a virus hoax email." She conference me in with her mother so I could hear what CNN was saying. I have never heard so much hype over such a minor virus before. From what I heard, it sounded like they were way over the top. I calmly explained to them the process I went through and when. CNN is reporting it two days later. I know this is a new version, but jeeze. Haven't these companies learned from previous virus events? I'm glad I stopped watching major media news.

      --
      But why is the rum gone?
  3. Of course this is more important than... by craznar · · Score: 4, Insightful

    160 dead in Venezuela Crash, Gaza Pull out and Paul Abdul's Idol issues.

    I doubt it - yet it's front page on CNN.COM...

    --
    EMail: 0110001101100010010000000110001101110010 0110000101111010011011100110000101110010 0010111001100011011011110110
  4. I have to ask by js3 · · Score: 5, Insightful

    why a company like CNN and ABC with billions of dollars in revenue is still running unpatched windows 2000 computers.

    --
    did you forget to take your meds?
  5. Re:Is your computer infected? by Anonymous Coward · · Score: 4, Insightful

    You seem to have left a few out.

    If OS is Windows 95, No
    If OS is Windows 98, No
    If OS is Windows ME, No
    If OS is Windows XP, No
    If OS is up to date with security patches, no

    Or just to make it easier
    If ((OS != Windows 2000)&&(System.HasAllTheSecurityUpdates != True))
    Then Could be.

  6. the real news story is by Indy1 · · Score: 4, Insightful

    Major media corp IT depts badly behind in patching their systems, news at 11!

    Honestly Zotob is a joke. I work IT for a major university thats 95% win 2k and xp, and so far we've had 0 zotob infections. I wouldnt be surprised if we eventually got 1 or 2 here and there with old boxes that arent tied into the domain, but the vast majority of the workstations auto update themselves and hence this is a non issue for any properly run network.

    --
    Lawyers, MBA's, RIAA? A jedi fears not these things!
  7. MS authored? by saddino · · Score: 3, Insightful

    So, MS, who desperately wants the 50% or so of entrenched businesses still on 2000 to upgrade, claims this worm is "low impact" hmm?

    Clearly, MS is implying the solution is to upgrade to XP. From their site: If you are using any supported version of Windows other than Windows 2000, you are not at risk from Zotob and its variants.

    How convenient! Really, why do I think the first answer to Bill's brainstorming marketing session on "How do we get people to move off 2000?" was some smart-ass saying "Well, we could always write a virus or worm for it."

    After all, any notion of "irreperable harm" from security threats has vanished in the onslaught on the Windows hegemony. One little, "not so bad" worm wouldn't really hurt the Windows reputation any more than it already has been, and it sure would be a nice kick-in-the-pants for those businesses sitting on the 2000 fence.

    Just saying^H^H^H^H^H^Hpostulating.

  8. Re:Removes spyware? by mabu · · Score: 4, Insightful

    It makes perfect sense.

    All these worms are written by spammers who want to turn the machines into zombied SMTP servers. They want to disable other exploitive processes.

    If all major ISPs filtered port 25 traffic (like AOL does) from anyplace other than their in-house SMTP gateways, you'd see worm activity drop to almost nothing. It's all about spamming. And the feds don't seem to care. Sooner or later, the major broadband providers will act responsibly and stop their clients from becoming spam zombies, then there won't be much of a need for these worms to be released. That's what they're all about: spamming.