Slashdot Mirror

← Back to Stories (view on slashdot.org)

Storm Hits Blogger Network

Posted by CowboyNeal on from the ridin'-the-storm-out dept.

ancientribe writes "Researchers have discovered the Storm Trojan nestled in hundreds of blog sites in Google's Blogger network, according to an article in Dark Reading. And this isn't simple comment spam, but actual blogs that post spam, and now, Storm executable files. A researcher who's been tracking the Storm-infested blog sites says he's working with Google to clean up this latest appearance of Storm."

5 of 89 comments (clear)

  1. Re:They have no idea? by saxoholic · · Score: 3, Insightful

    I disagree. I don't think that's incompetence. It's an honest admission that more investigating is needed to determine the way these blogs are being infected. Would you prefer them to make up an incorrect hypothesis as to how they're doing this?

  2. Passing Fad by Anonymous Coward · · Score: 5, Insightful

    Two articles about 'blogging' in a row. I really hope this isn't what my generation will be known for.

  3. Re:Sad... by LordSnooty · · Score: 3, Insightful

    Note: This is an HTML message. For security reasons, only the raw HTML code is shown. If you trust the sender of this message then you can activate formatted HTML display for this message by clicking here.
    And I'm afraid there's your problem right there - the kind of error message which 80% of computer users, ie the naive ones, pay no attention to whatsoever. They either ignore it completely or try and understand what it means but give up. Average people don't know what HTML is, nor what effect an HTML message could have. It's this barrier of misunderstanding which good software needs to negotiate. I'm afraid that's a poor error message.
  4. Re:Sad... by Opportunist · · Score: 3, Insightful

    And even if all those auto infections run into the ground, how many will click "allow" when you promise them some pr0n?

    People are dumb and horny. Not necessarily in this order.

    --
    We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  5. Re:Sad... by Sancho · · Score: 3, Insightful

    That's what IE7 on Vista does. But it's hard to sandbox "download and run this EXE for me, please" after the user has requested it, clicked ok, clicked "Yes I'm sure", and clicked "I trust this executable, now run it already!"

    It's social engineering, and it will always work until/unless we remove control of computers from the users. That's not a solution I'm personally willing to endorse. How about you?