Slashdot Mirror
Conficker Worm Could Create World's Biggest Botnet
nk497 writes "The worm that's supposedly infected almost nine million PCs running Windows, dubbed Cornficker or Downadup, could lead to a massive botnet, security researchers have said. The worm initially spread to systems unpatched against MS08-067, but has since 'evolved and is now able to spread to patched computers through portable USB drives through brute-force password-guessing.'"
It should not be that hard to follow the money generates by this malware. Infecting 8 million PC should be a crime.
It's a crime if it's spammers. It's not a crime if it's government or content industry.
Bitterness aside, the main problem is that usually the people doing it are in a country where it is, for a number of reasons, difficult to track them down. Still, I agree that, short of keeping your OS up to date (if you /must/ use Windows), following the money is the best approach.
93rd rule of Slashdot: No matter how obvious my sarcasm is, my comment will be taken seriously by someone.
It's not like the FBI and Interpol and going to look at the bogus whois information and throw their hands up and say "oh noes". They can go and raid the registrar's offices and find out what IPs registered the domain, what credit cards (stolen or not) were used, and if they were stolen, where from and when. Furthermore the worm has a whole list of websites, so every single one of those can be checked in the same way, and even if they are all hijacked, there will be hundreds of potential clues about the perpetrators.
Personally, I am sick of spammers attempting to add comment spam to sites that I run, signing up for bogus accounts, sending massive amounts of spam, continuously trying ssh connections, running exploits etc the list goes on. The police need to do something to help us.
Rich.
libguestfs - tools for accessing and modifying virtual machine disk images
agreed 100%. until some serious pound me in the ass prison time is handed out to more than a few of these guys, it won't stop. better coordination with isp's is also the answer here, once these virus/spam sites are identified, for fucks sake blacklist them. this simple act would stop 100,000's of infected pc's from giving up information making the whole venture less profitable.
If you mod me down, I will become more powerful than you can imagine....
Personally, I am sick of spammers attempting to add comment spam to sites that I run, signing up for bogus accounts, sending massive amounts of spam, continuously trying ssh connections, running exploits etc the list goes on. The police need to do something to help us.
Rich.
I think you should be careful what you wish for. The Police could do something, they could turn the Internet into a Police State.
*ALL* operating systems much be constantly patched to protect against the "latest" threats. Windows just gets the majority share of attention because there are millions of Windows boxes, many unpatched, many owned and operated by computer illiterate users who have little or no interest in securing them (And even in Vista, which is a vast improvement on XP from a security perspective, the default security leaves a lot to be desired).
Ok, they are *usually* less serious than this particular vulnerability, but my Ubuntu box downloads "critical" updates at least once a week on average.
Microsoft have made a lot of bad design decisions in their products, often in order to thwart competition, but them actually being incompetent or negligent, especially in recent years, is a lot harder to prove.