Slashdot Mirror


When Malware Attacks Malware

PetManimal writes "Researchers say that the Storm Trojan/Peacomm worm has been tweaked to spread via IM programs and attack rival malware. Symantec sounded the alarm, and says that the exploit launches in AOL, Google Talk, and Yahoo Messenger windows that are already open, making it appear to be a legitimate message from a known user. The worm has modified the code from last year's Nuwar worm, and when activated, enables a DDoS attack against any site, including antispam services and servers supporting rival malware: 'Systems hijacked by Peacomm have also conducted DDoS attacks against at least five domains used by the creators of the noted Warezov (or Stration) worm. After a busy September and October, Warezov was credited by some analysts as the genesis of 2006's massive fourth-quarter spike in spam volume.'"

1 of 135 comments

  1. Re:It Seems to me... by 99BottlesOfBeerInMyF · Score: 0, Troll

    1. Don't allow your users to send port 25 traffic to any address but your own mail server.

    Repeat after me... the internet is not the web, the internet is not the web. I'd kind of rather ISPs did not arbitrarily block ports because one OS is so unbelievably insecure that it does not even inform users before it starts spamming e-mail to the world, when that is a common occurrence on that platform.

    Here's a counter-suggestion. How about if MS gets off their butts and makes their OS reasonably secure so that it isn't easier to hijack a Windows box and use it to send spam than it is to configure a proper e-mail server on that same OS. The assumption that all software run on a Windows machine should be trusted and allowed to do basically whatever it wants should have died long ago. Let's not treat symptoms by shutting down all the commonly used ports and protocols malware uses to perform malicious attacks, since that only makes it get around them by doing things like hijacking users' e-mail accounts to send the spam. Instead, why don't we pressure MS to solve the bloody problem? In fact, I know exactly how to motivate them. It is called "the capitalist free market." Break MS into two companies forbidden from collusion and both with all the rights to the Windows code and patents to date. In three years both will have new versions on the market and both will be reasonably secure because they will be motivated directly by greed to give customers what they want, including security. But I guess enforcing our existing laws against criminals is harder than passing a new law to castrate internet access for responsible users, huh?