Anti-Scammers Become Storm Botnet Victims

capnkr writes "It looks like the efforts of the anti-scammers at sites like 419eater, Scamwarners, Artists Against 419, and possibly others have become the target of the Storm botnet. Spamnation has a post about it, and as of this writing none of the above listed sites are responding. Spamnation reports that CastleCops and other anti-spam forums are being DDoSed as well. Sounds like a massive, concerted effort against the folks who are fighting the good fight. Although I hate it for the owners and admins of the above sites, I think it shows without a doubt that their efforts to 'get back' at the scammers are working."

And just in case any site survives the DDOS attack

[DrXym]

The submitter has helpfully provided the links to these sites so Slashdotters can finish the job.

Solution

[JamesRose]

Right a piece of code that detects if the storm bot virii are present, then have it format the hard drive. If their computer is putting other computers with real work to do in danger they should be deleted until the administrator learns to use it. Seems harsh but trying to fix a computer thats already infected is almost impossible to do, as they keep changing the virii, so carpet bomb it.

Wait a minute

[Mr.+Freeman]

"Look, these sites are being DDosed, let's post them on slashdot". Doesn't exactly seem like the best idea ever.

Feed it a bluepill?

[The+Master+Control+P]

I'm not by any means experienced at modern ASM and low-level stuff; The only instruction set I recognize is 8085. But why wouldn't it be possible to run Windows98 inside something like Bochs, and then just halt the VM and take the keys out of it's memory and order the botnet to self-destruct? Will the worm check for subtle processor state aspects that Bochs misses and not run? That this hasn't been done already implies that I'm missing something...