Slashdot Mirror

← Back to Stories (view on slashdot.org)

When Hacked PCs Self-Destruct

Posted by timothy on from the fate-blesses-you-with-a-chance-to-reinstall dept.

An anonymous reader writes "From The Washington Post's Security Fix blog comes a tale that should make any Windows home user or system admin cringe. It seems the latest version of the Zeus Trojan ships with a command that will tell all infected systems to self-destruct. From the piece: 'Most security experts will tell you that while this so-called "nuclear option" is an available feature in some malware, it is hardly ever used. Disabling infected systems is counterproductive for attackers, who generally focus on hoovering as much personal and financial data as they can from the PCs they control. But try telling that to Roman Hüssy, a 21-year-old Swiss information technology expert, who last month witnessed a collection of more than 100,000 hacked Microsoft Windows systems tearing themselves apart at the command of their cyber criminal overlords.'"

6 of 418 comments (clear)

  1. Re:Hardly self-destruct by wvmarle · · Score: 5, Insightful

    Try explaining that to Joe Sixpack. When Windows doesn't work for whatever reason, the computer is "broken" and needs to be taken to a shop for repair. They can not tell the difference between broken hardware or broken software (and software hick-ups may of course be caused by broken hardware that still mostly functions - it is not always that easy to tell, even by experts).

    Self-destruct is imho a very apt description.

    Maybe it should be used more. Then more people would feel the pain of being infected. Of those 100,000 computers I can not imagine they can actually use the data of more than a handful of people for serious crimes. All the rest of the people is not affected until the malware disables their computer.

  2. Re:Hardly self-destruct by Anonymous Coward · · Score: 5, Insightful

    When it leaves all your files intact.

    The thing whacks the registry. Hardly a "nuclear option"; all your files are intact. Running the repair tool off your install CD should fix this, or you can do a reinstall with "leave filesystem alone" option.

    I heard a Congressman once say, "reporters are fight promoters". If they keep overstating what's happening, we won't know how to really secure our machines.

  3. Re:Remember... by aetherworld · · Score: 5, Insightful

    Actually, telling people that hackers really can turn your computer into a bomb wasn't that bad an idea. At least people feared that possibility.

    Try telling a Windows user who hasn't updated his browser in almost 8 years that evil script kiddies can turn his machine into a spam relay. They won't care because they don't know what it means and what the implications are.

    I'm speaking from experience here...

  4. Re:Hardly self-destruct by wvmarle · · Score: 5, Insightful

    It means a computer has become a commodity, an appliance, rather than a high-tech toy. And that in itself is a good thing. Joe Sixpack should not need to know how the internals of his computer work, just the basics. I do expect Joe Sixpack to know about Windows and preferably the existence of alternatives, about a hard disk and what it does and how big he should want it, what a processor speed roughly means and whether he would need 1GB or 2GB or 4GB of memory for his needs. I don't expect him to be able to install an operating system, hunt down drivers to make it all work, partition the hard disk in the process, care about whether it is NTFS or FAT or whatever, and be able to know what the information on a blue screen means. I don't know how the internals of my digital camera work, but I do know what the megapixel and zoom functions mean for example. But if there is a problem with it I go back to the shop.

    To add the obligatory car analogy: I don't know how an internal combustion engine works, but I do know what it means to have say a 1.6 diesel engine in your car. When something about the car is broken I call my garage, I'm not trying to have it fixed. I know I have to add fuel, have to check oil now and then (though in modern cars that's also less and less), and how to add water for the windscreen sprinklers (dunno how you call those things in English). That's enough.

    100 years ago you would have to be able to fix your own car: they were new technology, quite rare, and for a select audience only. Cars were technically simpler at the time which also helped a lot. The same for computers. 20 years ago we were working with DOS, people owning a computer and actually being able to use it could normally also install the OS, and do low-level operations. That is not necessary anymore.

    When a computer breaks down and can not start up anymore it is often NOT trivial to figure out what is wrong. An error message is not always caused by the direct error: some minor corruption in your video driver, and then the image on your screen starts playing up. Or is it really the monitor that is not good? It's not that easy.

    OK time to stop, I start rambling, I think the point is clear.

  5. Re:Hardly self-destruct by Huntr · · Score: 5, Insightful

    I don't know how to fix my car. I don't know how to fix my tv. I don't even know how to fix a lawn mower. If any of those break beyond something minor, someone else has to fix it for me. The computer is in the same niche for the vast majority of computer users.

  6. Re:Hardly self-destruct by MrMr · · Score: 5, Insightful

    Thanks for my favourite car analogy.
    Do we really allow everybody to take of in a 'commodity' car and cause uncontrolled damage?
    Or do we demand proof of a minimal level of control of the vehicle, and a good insurance if things go wrong?