Slashdot Mirror


Storm Botnet Is Behind Two New Attacks

We've gotten a number of submissions about the new tricks the massive Storm botnet has been up to. Estimates of the size of this botnet range from 250K-1M to 5M-10M compromised machines. Reader cottagetrees notes a writeup at Exploit Prevention Labs on a new social engineering attack involving YouTube. The emails, which may be targeted at people who use private domain registrations, warn the recipient that their "face is all over 'net" on a YouTube video. The link is to a Storm-infected bot that attacks using the Q4Rollup exploit (a package of about a dozen encrypted exploits). And reader thefickler writes that the recent wave of "confirmation spam" is also due to Storm, as was the earlier, months-long "e-card from a friend" series of attack emails.

3 of 226 comments (clear)

  1. Ha! by Anonymous Coward · · Score: -1, Flamebait

    Never will happen to os x or other *nix systems.

    1. Re:Ha! by mightyQuin · · Score: 0, Flamebait

      I am really bloody sick of Microsoft's shoddy work.

      Agreed, but the other thing about this problem that really seems to burn all the sysadmins and network admins and IT geeks out here is that with all the amazing knowledge and problem solving abilities, no one has been able to devise an elegant solution to this problem.

      Holy impotance Batman!

      --
      Now, if you'll excuse me, I've got some idea balls to remove from a manatee tank.
  2. You're just another WEAK F.U.D. spreading troll by Anonymous Coward · · Score: -1, Flamebait
    LOL, predictable:
    ----

    "Go shill somewhere else troll" - by ispsuckx (1147895) on Sunday August 26, @05:12PM (#20365173) ----

    Troll?

    Hey, look - I am only responding to folks here that are *NIX people, spreading more of their usual F.U.D. b.s. here @ /., which is usually along the lines of:

    "(Insert *NIX variant here) is more secure/securable than Windows"

    That is all...

    (& I am just giving them a COMPLETELY FAIR CHANCE, to back up their b.s., & prove me wrong IF they can, & they must exceed an 85.185/100 score on the CIS TOOL to do so, & post a valid unfaked photo of their score on this *NIX rig of their OS choice!)

    That's all, simple... but, apparently, NOT so simple, eh, to live up to words I am only responding to, asking folks to back up their words, & put their monies where their mouths are, that run *NIX & that say things more or less along the lines of what I bolded above...

    APK

    P.S.=> Now, the funniest part is? Your subject line's "Ha"!

    Well... I get that "last laugh", as per usual, when it comes to THIS challenge I issue here every time I see more of this b.s. -> "(Insert *NIX variant here) is more secure/securable than Windows" crap... you're just another one, RUNNING! "Run, Forrest... RUN!!!", lol!

    AND, "Newsflash" - No OS ships as 'secure as it can REALLY be' out of the box/stock oem builds usually...

    You're just another b.s. artist left with NOTHING but more b.s., but no score on your *NIX rig, vs. mine on Windows Server 2003 SP #2 fully patched & custom hardened for security, that exceeds my score of (currently) 85.185/100 on CIS TOOL...

    CIS TOOL DOWNLOAD:

    http://www.cisecurity.org/index.html

    CIS TOOL is a valid legitimate test of security noted in SANS & COMPUTERWORLD (often cited here @ /. in posts regarding security & thus, respected ones) as a tool for helping to secure multiple OS platforms & apparently? After my challenging those here @ this website 30++ times now??

    Folks here on their *NIX rigs just aren't all that good @ securing their machines it seems, for all of their "bluster"... so, put your monies where your mouths are, put up OR shut up, & beat my score...

    Until you do? You look INCREDIBLY STUPID & FOOLISH... talk's cheap, show us how secure your *NIX rigs, really are, & beat my score... apk