Slashdot Mirror
Storm Hits Blogger Network
ancientribe writes "Researchers have discovered the Storm Trojan nestled in hundreds of blog sites in Google's Blogger network, according to an article in Dark Reading. And this isn't simple comment spam, but actual blogs that post spam, and now, Storm executable files. A researcher who's been tracking the Storm-infested blog sites says he's working with Google to clean up this latest appearance of Storm."
Sounds like somebody should be out of a job. Incompetence of this magnitude should not be tolerated.
Peace sells, but who's buying?
Wow, and I was just reading that blogosphere has hit the mainstream. Hope this doesn't keep more women from blogging!
Two articles about 'blogging' in a row. I really hope this isn't what my generation will be known for.
That storm is initiated by the hot damping humid air invading from the female bloggers.
If you mod this up, your slashdot background will turn into a beautiful sunset!
Direct correlation between more women bloggers and more infected blogs :)
Did anyone else see Terminator 3? They predicted this "Storm" virus. It was only a matter of time before it became self-aware and began making emo blog posts without human intervention.
The sad part is, from what I've seen and heard, this Storm "virus" does need human intervention.
It doesn't do anything technically new. The only thing new here is the particular brand of social engineering used, and it bothers me that this still works.
Don't thank God, thank a doctor!
And 2% of worms!
And I thought Trojans were supposed to prevent infections. Hah.
Be relentless!
Really? I like badgers!
Control is an illusion, order our comforting lie. From chaos, through chaos, into chaos we fly
I'd like to take this moment to revisit the question; why doesn't Microsoft get sued for promoting that everybody use their crappy software that nobody's allowed to peek under the hood at and fix? Now we have a whole internet of these massively compromised machines. Because there's very little variation in their "genetic" makeup, and apparently the "genome" isn't all that robust; they're all susceptible to these horrible, contagious diseases, and it's ALL JUST ONE COMPANY'S FAULT!
I demand to see the rampant Linux viruses now.. This is ridiculous.. The smartest, brightest, hackers in the whole world write an OS from scratch that nobody can claim they solely own, it runs on more machines than there are macintoshes [assuming you also count the macintoshes running linux], been touted as Microsoft's largest competitor, eating up oodles of server marketshare, and nobody's been able to write a decent worm???
puhleez
On the other hand, one company can write one OS, and sell it for top dollar and everybody and their grandmother gets a copy, everybody and their grandkid can write a massively distributable exploit for it, and a WHOLE INDUSTRY of anti-virus software companies spring up (which live comfortably and profitably for decades) to battle the weaknesses in it, a whole industry of botnet admins can wield ridiculous amounts of cycles for whatever purpose they can get paid for....
But still; everybody swears by it, sticks to it, rubs it on their tummies, tosses up all kinds of the heartfelt loyalty to a COMPANY they don't even WORK FOR, a company that doesn't pay them CRAP, and treats their rights like crap????
I do NOT get it.
US$0.02++
You say "asshats making worms". I say "people creating job security for us IT guys". Sad that its come to this.
The game.
Travis? Is that you?
we don't need no stinking badgers.
Sent from the iPad I found in your car.
No joke I was perusing a couple blogs and some pop-ups attempted to install programs on my computer. I ended said system processes and nothing got messed up, but still annoying nevertheless (especially considering that you can't completely get rid of IE on windows machines) so it still attempts to pop-up IE even though I never touch that program. May have been a different piece of malware though (damn the person who posted the idea of hot chicks blogging in the previous thread and damn me for looking). Damn you slashdot.
72.14.207.191 (blogger.com) is listed in the Spamhaus SBL for their inability or unwillingness to terminate spamvertised blogspot sites. This has been an issue for months.
"Thousands upon thousands of *.blogspot.com pages, all spammed and used to re-direct to other spammer landing pages"
Come on today there's a virus for EVERYTHING... How can that be?
________________________________
igre
That's quite the glib statement, considering that worm requires so much user action (or inaction, depending on how you look at it) to infect a Windows box, it's not even funny.
Are you serious?
Oh, wait a minute... *slaps head* "Erris" is twitter's sockpuppet account, which he uses to shill his own posts.
I thought this looked familar.
Web2.0: I love when people Flickr my cuil and digg my boingboing until my google is reddit and I start to yahoo
He is serious, which says the most, no? To those of you who attempting valiantly to inject logic and thoughtful contemplation to /., why? You know it's a waste of keystrokes. The mono culture this place has devolved into is just as mind numbing as what people bitch about MS for.
Here are the steps to infect a Windows box.
#1. Receive email with link to infection site.
#2. Click on link to infection site.
#3. There is no step #3. You're probably infected already.
Sure, in some circumstances they'll have to download a
This is EXACTLY the kind of exploit that was brought up back during the Netscape trial where Microsoft claimed it was a good idea to merge the browser with the OS.
A couple of days ago, I got tired of the formmail spam that my users were receiving from their "contact me here" webpages. After reviewing my logs, I made .htaccess files on my webserver:
.* - [F]
.blogspot.com referrers. I still see a few dozen hits every day from all of these, but they are all 403 now so I'm happy.
order allow,deny
deny from 206.51.229.
deny from 206.51.233.
allow from all
RewriteEngine on
RewriteCond %{HTTP_REFERER} blogspot\.com [NC]
RewriteRule
This has cut the formmail spam that I receive down to zero ever since I set it up.
The deny from lines take care of some guy who downloads the html submit form and posts spam from "Darksites.com", and the Rewrite denies access from all
Here is a single example from a few minutes ago:
72.47.89.233 --[30/Aug/2007:22:28:22 -0600] "GET / HTTP/1.0" 403 3931 "http://hydrocodone--4t1.blogspot.com" "Opera/9.0 (Macintosh; PPC Mac OS X; U; en)"
If you're a zombie and you know it, bite your friend!
I've always wondered how the tags shown below the story get picked (yes, I've read the FAQ).. They certainly don't seem to be based on popularity alone. At the moment one of the tags for this story is youderservewhatyouget -- notice the typo. Are thousands of Slashdot readers so illiterate, or is there some other logical explanation for this?
You're missing (at least with Storm):
.exe file, ignoring several warnings in the process.
#4. Download and execute trojan
Storm, like the vast majority of Windows 'viruses', is nothing more than a trojan that requires user initiation. Sadly, there are enough ignorant (in the true sense of the word) users out there who'll happily ignore all the warnings that the malware coders continue to write them.
Mushroom.
I just read Slashdot for the articles.
Don't be discouraged. You have every opportunity to promote Microsoft here, my friend. Every community seems like a mono culture when they're not buying what you're selling.
When people realize how user-friendly and fast and efficient and shiny Vista is, they'll come around and realize that it really is such an improvement over Windows XP and certainly reflects the quality improvement you'd expect from the biggest company in the world spending seven years working on it, just to make those of us who use computers every single day happy.
Be brave.
You are welcome on my lawn.
+1, As Poetic As Slashdot Will Ever Get
A snake!!!
too bad it's not possible to file a class action suit against all the retarts that keep getting their machines infected ("but I just, well you know, HAD to click it to see what it was..") making the other 30% of the internet suffer.
I work for the Department of Redundancy Department.
Thanks to you, I've got September by Earth Wind and Fire playing in my head. BAH-DEE-AAH! Thanks a lot troll-boy.
Yes yes, that's all well and good. The real issue is: where can I find lions?
New punctuation update "~" (no quotes) at the end of a line to indicate sarcasm. ~
Only in Kenya!
15
Shit! I've been looking in Norway.
New punctuation update "~" (no quotes) at the end of a line to indicate sarcasm. ~
Thank You. Validation, though not needed and expected, was a plus. /. comments. Is failure to meet expectations, misleading users with marketing, obfuscating defects or design flaws, failure to be ethical in business practice or other flaws unique to MS? Please feel free to validate my comment again and say YES! Or mock me for not being part of your monoculture, it is a complement to point out that I can think for myself, thank you.
It is odd to see so many folk who are tech savvy or would like to be, so oblivious to the fact that software and operating systems just fail to meet basic needs of users much of the time. Usability, security, stability, cost, etc. are all missing to some degree on everything. "Written by coders for coders" is often correct. It does not matter who makes it, it still sucks. Will it get better, we hope. Are most of the vendors and open source improving, somewhat, but you won't know that if you read
I hear incorrect/ignorant statements or out right lies concerning just about every OS available almost on a daily basis. It is a rather constant stream of amusement. From executives, "Unhackable". To users, "Unhackable" To salesmen, "Perfect". To coders, "Perfect".
Roses are #FF0000
Violets are #0000FF
chown -R you ~/base
Like I said.