Computer Virus Fells Russian Stock Exchange
azav wrote to mention the New Scientist story detailing the computer virus that brought down the Russian Stock Exchange. From the article: "As the world waited for one computer virus to strike on Friday, another wriggled its way into the Russian stock exchange and knocked it offline. Computer experts had warned that 3 February could bring gloom for many as a computer virus called Nyxem was scheduled to start deleting files on machines it had infected."
The Stock Exchange brings down computer viruses! oh wait..
come again?! fells russian stock exchange? pc loadletter?? what the @#% does that mean??
Instinct is stronger than Upbringing - Irish Proverb
we have a testing machine... connected to the internet of all things... AND connected to the same network the production system is running on... and evidently it's running on ms-windows...
Donald 'Duck' Dunn: We had a band powerful enough to turn goat piss into gasoline.
Russian Trading System is like Real Time Strategy. And then comes cheaters... and haxors... God dammit! It's hard to play fair in these times!
And what is mickeysoft exactly?
Virus? I wanted to play Global Thermonuclear War....
A bullet sounds the same in every language. So stick a fucking sock in it...
And they use computers? This is excellent news!
I'm sorry. The number you have reached is imaginary. Please rotate your phone 90 degrees and try again.
I have Debian installed. I feel much better.
Isn't it spelled Nymex, not Nyxem? New York egnahcxE Mercantile just doesn't make much sense as an acronym.
Oh well, I guess virus writers are getting dumber by the day if they can't even spell their targets' name properly.
i know there will be people saying "oh my, running windows, sucks to be you" but if you look past the trollishness of these posts they actually have a point in this case. running windows as anything mission critical is stupid, it's a desktop system at heart, and an unstable one at that. running the bloody stock exchange on it is suicidal. there's always some dick who opens that dodgy email, so if your net is that important run the mission critical servers at least on some flavour of unix
This is ironic, as Russia has arguably some of the best computer security experts in the world. Those that know how to exploit the holes can also advise how to secure against threats. I wonder if it's due to talented Russians leaving the country to work abroad?
Get your own free personal location tracker
I don't understand how all those large, important companies dare to run their systems on Windows if they need to keep them online 24/7.
it's terrible, I hear the ruble is down to $0.000001 again...
"A door is what a dog is perpetually on the wrong side of" - Ogden Nash
Did someone want to play a game?
Download a funny clip?
Did you learn nothing from the cold war?1 9247
http://it.slashdot.org/article.pl?sid=04/03/02/07
M$ is the Trojan horse, you add it to your systems and anyone can just walk in.
Domestic spying is now "Benign Information Gathering"
Are you living in a cave? Russian stock market almost doubled last year. It was the most profitable stock market in the world in 2005.
1.) How big the exchange is.
and
2.) What computers they were using.
Russian stock market almost doubled last year.
Yes, and the NASDAQ doubled in 1999.
In soviet russia... *ducks*
This sentence contradicts itself - no actually it doesn't.
it was StarForce.. now can i have my $10k reward?
Stock exchange gives YOU virus!
fells === causes to fall (as in "I felled a tree.", meaning "I chopped down a tree").
So "Virus Fells Russian Stock Exchange" means "As the world waited for one computer virus to strike on Friday, another wriggled its way into the Russian stock exchange and knocked it offline.".
Probably the new way of bashing MS. Since M$, Micro$oft and MicroShit are now deemed uncool, retards have to find a new way of naming it, cause, you know, typing MS or MicroSoft is offensive or something.
"The way we can tell it's C# instead of Haskell is because it's nine lines instead of two." -- wadler
Actually, it's an intentional change. A washington post article posted on /. a few hours ago explains:
[The choice of the name Blackworm] runs counter to the naming conventions of the anti-virus community, which generally goes out of its way to bastardize the name it thinks the virus or worm author would like its creation to have. (For example, "Nyxem" was derived by transposing the letters "m" and "x" in "Nymex," which is the common shorthand term for the New York Mercantile Exchange, the worm's original target.)
I posted this exact same story yesterday and it got rejected.
Would the slashdot moderator please explain why.
'computer' virus crashes Russian Stock Exchange
Friday February 03, @05:41PM Rejected
rs232.journal
davecb5620@gmail.com
I use Linux. I don't have viruses. It is simple? Isn't obvious?
They have virus in big financial stuff. They are using Windows for it. They are dumb people.
It's their fault. It isn't fault of virus author. It isn't fault of Microsoft or Bill Gates. It's fault of dumb people!
...why some people feel compelled to leap to the defense of Microsoft under these circumstances. It's a large company, with colossal wealth and wall-to-wall lawyers, yet people such as yourself can't resist attacking those who criticise the company or its (mis)behavior. Even if the posts are by mindless teenage trolls, the fact remains that Microsoft doesn't deserve to be defended.
So why do it? Are you employed by Microsoft in some capacity? Or did you blow the trustfund on Microsoft certification, convinced (erroneously...very erroneously...) that it would lead to fame and fortune within the IT industry? Do derisive jabs and barbed comments aimed at Microsoft touch a raw nerve with you?
I would highly recommend "Hackers" from 1995. The movie takes place in 1988, and starts out with an 11 year old boy taking down Wall-Street! It even has a hothothothot Angelina Jolie starring as _the_ hacker-chick... 8) http://imdb.com/title/tt0113243/
Is that M$ knew about this a long time ago, yet stood back and did nothing to help. Except for their premium customers, of course. It needs to be taken into account that there should be some kind of responsibility for these actions.
Monetary damage has been inflicted, and the makers of the software had all the tools and knowledge to prevent this happening.
If you made a car, and you knew that there was a flaw that caused it to stop working, you have a responsibility to recall the car / fix it for free.
The same should apply here. Just holding back because it's 'not in your scheduled update cycle' is another example of their outdated practices. Admittedly there's always a lag for testing and so on with patches, but in this example it was already done because they were offering the update to their subscription customers.
Grrr.
-- incubus
Sticking feathers up your butt does not make you a chicken.
In Russia, stock exchange fells you!
PocketGamer.org - For the gamer on the go!
In every detail.
Got time? Spend some of it coding or testing
When these decisions are being made, you may feel as though you're stuck in a slow-motion sequence in a horror film, leaping to save someone, someone very beautiful that you could care about deeply if only you knew them a little better, someone who doesn't deserve to be eaten alive by a vicious monster, or maybe they do, but you just don't know it, anyway you don't know it and you didn't think of that until later, much later, after years of therapy in fact, all the while, leaping in futile slow motion to save a fatefully doomed monster victim, certain of their inevitable doom, crying "Nooooooo!" at the top of your lungs to no avail, due to the slow-motion and your voice having been run through an under-water pitch-reducing distortion filter. Yet another heroine devoured by the monster, just out of arm's reach... You think to yourself, "If only... If only... If only I hadn't been stuck on slow motion..." when you suddenly realize you're not alone, and you're thinking out loud, reliving the nightmare.
At this point a friend interrupts your navel gazing to say, "The monster would have eaten you too. Don't feel so guilty." whereas the cliche movie therapist would say, "How does that make you feel?" If you hear the former response, you're probably in meatspace, the latter, and you're still either dreaming or you really are a character in a horror film, and the monster is about to come crashing up through the floor or in through the window and eat your therapist.
Windows systems can be found:
Although it might be true that no rational and informed person would set up such critical systems on a system with the stability and security track record of Windows, remember that such decisions are typically made by a bureaucracy, not by rational and informed individuals. The field of psychology has studied this phenomenon and calls it "groupthink".
Groupthink
Wikipedia on Groupthink
A First Look at Communication Theory (Ch. 18, 3rd Edition)
If you mod me down, I shall become more powerful than you could possibly imagine.
The liability questions that you raise are probably less clear-cut than they first appear. Much of the actual exploitation of which the industry is aware exploits vulnerabilities which have been long patched. Others have suggested that home users be held accountable (e.g. liable) for evil deeds done to other systems by their presumably unpatched home PC systems. However, when a vulnerable system can be 0wn3d in less than two minutes of exposure to the internet, it's clear that home user responsibility is problematic. The same arguments and complications with respect to responsibility (and there are other examples) apply to most of the viruses, worms and botnets that plague the typical corporate or government network. Many of the exploited defects were patchable, but not actually patched by the customer, by the time of exploitation.
Nobody wants to fire the first liability shot, because the technical issues are complicated enough that nobody could predict how it might come out in a court room.
If you mod me down, I shall become more powerful than you could possibly imagine.
"Eyal! Eyal! Get your arse over here. The kitchen's a fucking tip"
"Sami what the fuck?"
With the amount of money invested in stock and the speed at which disaster can strike companies/people when a Stock Market goes down, why on earth are they running an OS that is as vulnerable and unreliable as Windoze?
You have moved your mouse. You must restart Windows for these changes to take effect.
The reason not to have Windows in charge would be security related. However, even there one could argue that if set up properly that concern would be obviated. Nonetheless, the tardy response that characterizes Microsoft too aptly (other than in rhetoric) and cost would be the reasons not to use their option.
Windows has improved, so much so that the first time I used Windows NT 4 on assignment I did not reboot the machine, because there were no machine lockups. I last saw a blue screen of death on a network back when Windows was at best an environment: Win 3.x. It was only later when my results sets returned radically altered, without seeing any reason in my query code changes, taught me that Windows had developed a more subtle failure mode. Thereafter, reboots every week whether needed or not.
One last point: nowhere in the article could I find what OS was actually being used. Are you presuming it was Windows or did you see some text I missed?
+1 Insightful
I bet this is the _last_ major virus exploit in Russia. Once a few nerds are sent to a Gulag, they'll go back to attacking the US military. I tend to believe the Russian penal system, especially crimes against the economy, will be dealt with a bit harder than what happened to say, oh, Mr. Mitnick.
https://www.accountkiller.com/removal-requested
Windows isn't the root problem here. Windows just made it easier for the root problem to show up.
Why in the name of the Flying Spaghetti Monster was it possible to install unapproved software on a mission-critical production network? Any boilerplate security policy would have forbidden that. After you get that much right, then it's time to think about implementation issues like whether to use Group Policy to lock down software installation or whether to avoid an operating environment that installs software just because you visit a web page.
This incident didn't require the services of a hacker to prevent it. Nor a security consultant. A generic off-the-shelf sysadmin could have prevented this accident.
It was a subtle joke. I am aware of this.
Yes that sounds like a bad idea, but what can they do about it? The article is not very clear, but it looks like any other office to me:
Dmitry Shatsky, vice president of the Russian Trading System (RTS) said in a statement that a virus had infected a single computer used to test trading software that was connected to the internet. The entire network had to be temporarily shut down on Thursday as experts sought to isolate the infected machine and scanned others PCs for signs of infection.
Nowhere does the article say the Windoze testing machine was not firewalled, patched, subnetted and gingerly treated the way it needs to be. You might even assume, as it was a test machine, that it was not used to surf "untrusted" sites. Yet, it was owned. Non networked bank ATM machines have been compromised by technicians' laptops. There's a pattern here ... if you are running Windows, you are going to have problems like this regardless of network configuration.
I suppose they could further separate the testing machine. If they set up a wvdial modem box and stuck the Windoze machine behind that, they could limit the damage the Windoze machine can do. The problem is that they might need better bandwidth for their tests.
Friends don't help friends install M$ junk.
Wargames was much better than hackers.
Hackers was ok. Except for the clothes, fru fru parties, and all the pomp and circumstance that was akin to Weird Science bar wearing on the head scenes.
Those kids looked like they were wearing Michael Jackson castoffs mixed in with wardrobe from breaking 2 electric boogaloo.
I am 36 years old, and have been hitting the keyboards since around 1982, and been to many Ham Shows, computer clubs, and even participated in a little hacking in my time.
I never knew any extroverted freaks such as those in the movie.
I would recommend:
1. Wargames
2. Max Headroom, movie and series. Everyone hacking everyone.
3. The Manhattan Project - Hacking at all levels, without computers.
Puto
The Revolution Will Not Be Televised
1. As F-Secure writes, Nyxem deletes files with extensions: DOC, XLS, PPT, ZIP, RAR, PDF, MDB. .MDB FILES! PLEASE!
2. News said that deleting file was the problem.
Ok so only one extension of those can be used on a file, that can be a crucial file, that system has to have to keep running. But PLEASE! TELL ME, THAT THEIR STOCK EXCHANGE ISN'T BASED ON
Hold it!
Don't forget the Indian stock exchange!!! Not only is it scaling new heights and breaking all past records.. most big-wig financial power-houses are giving investors (FDI and local) the green signal and predicting massive growth, which as of now seems unstoppable.
This sentence contradicts itself - no actually it doesn't.
In Russia, stock exchange runs Microsoft!
Everything in the Universe sucks: It's the law!
he used to go by the name of Zero Cool, but I think he calls himself Crash Override now!
This has become tiresome.
The Yorktown (CG-48) was in 1997 a test-bed for the Navy's Smart Ship program. USS Yorktown (CG-48) Test-beds are driven to failure. In 2004, the year of her retirement, Yorktown was assigned to Strike Group Wasp, a vote of confidence, I would think, in the vessel and in the technology. USS Yorktown Deploys as Part of Expeditionary Strike Group
Is there anything to dissuade me of my idea that Nyxem could have been hyped by Mikrat to cover this RTS strike? Anything at all? The world focuses on Nyxem (which, in effect, didn't happen) and then the RTS goes down. Seems a bit too coordinated to me. "Nyxem" seems to be an anagram for NYMEX (New York Mercantile EXchange), a securities market, not entirely dissimilar from RTS. Perhaps the NYMEX people should look out for this being a possibility on their system(s).
I swear I'm not a conspiracy theorist, but this all looks too coincidental.
Just my $.02.
#include <disclaimer.h>
#include <beer.h>
It should read: Russian Exchange trades in Computer Viruses
according to this story on Arstechnica. Altho' I'm getting a 500 error on their eweek reference...
Mickeysoft wanna be fucking losers Adult film producer- wanna be mickeysoft user
subtle joke up your fucking ass loser
TFA kind of infers it:
As the world waited for one computer virus to strike on Friday, another wriggled its way into the Russian stock exchange and knocked it offline.
Computer experts had warned that 3 February could bring gloom for many as a computer virus called Nyxem was scheduled to start deleting files on machines it had infected.
Nyxem is programmed to randomly delete Word, Excel and PowerPoint documents as well as pdf files, zip files and several other file types. The virus was released several weeks ago and has spread by forwarding itself to email addresses found on the computers it infects.
But widespread damage failed to materialise and by early evening UK time on Friday several anti-virus companies said they had received no reports of incidents involving Nyxem. Patches against the virus had been released on 16 January.
But a collective sigh of relief was tempered by news that the Russian stock exchange has been subjected to an attack instigated by an unnamed, and apparently unrelated, computer pest.
qz
Here in Russia even railway tickets info terminals run linux. Though u can't say it looking at the gui frontend.. i just happened to see one being booted.
And a couple of small banks that i know here, in the backwater town in middle of nowhere run their backends on openbsd. So i guess that saying like, RTS runs something on "widows" sound like one has no clue.
Wow, and I thought that the Russian economy would collapse if they dared to send that one oil tycoon to jail. . .
These are my friends, See how they glisten. See this one shine, how he smiles in the light.
For obvious reasons I am posting anonymously.
I am heading a group of developers building interoperability solutions for an RTS subsidiary - Saint Petersburg Exchange. Before we were able to connect our testing server to the RTS's internal network we had to sign about three pounds of papers, certify the server and the network. Among other things, the server that we were allowed to connect to their network was absolutely forbidden to connect to any other network (even to our firewalled up the wazoo intranet). What amazes me the most is that while the RTS guys made us jump through so many hoops, they thought nothing of just connecting their (oh so protected!) network directly to the Internet.
By the way, their trading system is written as a set of stored procedures for the MS SQL Server 2000. Until last Fall their primary VPN software ran on WinNT 4.0 only. Daily reports are sent to subscribers as FoxPro files.
Nonetheless, to take so called tech babble about the imminent attack of a worm expected to fire on the 3rd of every month to imply that a trading system was or even could be imperiled by a similar stupid attack mechanism has to assume the lowest level of competence was in charge. I tend to assume those in charge of critical systems are by nature both more knowledgeable and cautious.
While I was obviously wrong on all counts, I think an article discussing a failure of a trading system should be much more explicit. Unix and Unix like operating systems are not immune to break ins, thus, it's nice to know this was not one of those cases.
* - the link shown in the cited comment (http://www.rts.ru/common/rts_getfile.cfm?id=2361) was not working today.