Slashdot Mirror

← Back to Stories (view on slashdot.org)

When Hacked PCs Self-Destruct

Posted by timothy on from the fate-blesses-you-with-a-chance-to-reinstall dept.

An anonymous reader writes "From The Washington Post's Security Fix blog comes a tale that should make any Windows home user or system admin cringe. It seems the latest version of the Zeus Trojan ships with a command that will tell all infected systems to self-destruct. From the piece: 'Most security experts will tell you that while this so-called "nuclear option" is an available feature in some malware, it is hardly ever used. Disabling infected systems is counterproductive for attackers, who generally focus on hoovering as much personal and financial data as they can from the PCs they control. But try telling that to Roman Hüssy, a 21-year-old Swiss information technology expert, who last month witnessed a collection of more than 100,000 hacked Microsoft Windows systems tearing themselves apart at the command of their cyber criminal overlords.'"

2 of 418 comments (clear)

  1. Re:Hardly self-destruct by Anachragnome · · Score: 5, Interesting

    It is far worse.

    A friend, just last night, showed me his highly-infected laptop (please, being serious here). Not only did he have one of those "Infect the "customer", then sell them a fake cure" scams, but he had what appeared to be an everyday Trojan, with one huge difference.

    It had created a hidden partition (I deduced this from HD size discrepency between reported size and actual), copied over enough "Windows" to run as a separate OS, then nuked his normal partition OS. When he reformatted, he wasn't paying attention (didn't know any better) and didn't delete that partition. The trojan was essentially maintained, right through a reformat (albeit, an incomplete one). It was an easy mistake to make considering how many Dell/Compaq built machines come with a separate 10-20GB partition that isn't always deleted on reformat, and for that reason the numbers for HD partition space don't always add up.

    Here is where the sneaky part comes in. They nuked his OS, right?

    NOW, after he thinks everything is groovy, he starts reinstalling applications, re-entering information and passwords and re-bookmarking sites. All while the trojan watches.

    THAT is what the "nuclear winter" is for in these cases, to lull the user into a false sense of security.

  2. Re:Hardly self-destruct by plover · · Score: 5, Interesting

    Actually, by "normal use of a computer" your computer can indeed cause serious damage to other computers, or to property. That's what TFA is all about.

    Let's look at "normal use of a computer." And by "normal" I don't mean "geek normal", I mean "Joe Sixpack normal".

    Joe Sixpack goes to Best Buy and buys a computer. He doesn't spend the $50 for the anti-virus software ($50 a year? The hell I will!) or $50 for a firewall (I already pay the cable company for this blue box just like it), and he dismisses every single warning, checking the "don't show me this again" box because he didn't understand it the first time. And then he surfs to the porn sites. So what we'd consider reckless behavior is pretty much "normal use of a computer".

    There are no cops to give him a ticket for surfing on unsafe equipment, because it's not illegal. Nobody's going to protect him because he's not willing to pay extra for anti-virus. And we all know that his machine is going to be turned into a zombie within 15 minutes of connecting to the internet without a firewall.

    As far as the damage goes, his zombied computer may attack and infect others. The direct costs to Joe Sixpack may include PC troubleshooting and repair, loss of data, and dealing with the theft and abuse of personal banking information. Banks are held liable to cover any fraud losses that result, and they collectively spend billions annually. And for secondary effects, we know there have been suicides due to lost money and also due to computer harassment. I don't think you can simply say that a computer can't "hurt" anybody.

    ( And this isn't about assigning blame. There's plenty of that: Joe Sixpack may be as irresponsible as they come, and dumber than average. The malware writers are common thieves. Some operating system vendors sell Swiss cheese. And every vendor in the process is happy to take Joe's money without regard to the consequences to him. )

    If cars were as unregulated as computers, very few of us would safely return home on a daily basis.

    --
    John