When Hacked PCs Self-Destruct

← Back to Stories (view on slashdot.org)

When Hacked PCs Self-Destruct

Posted by timothy on Thursday May 7, 2009 @07:26PM from the fate-blesses-you-with-a-chance-to-reinstall dept.

An anonymous reader writes "From The Washington Post's Security Fix blog comes a tale that should make any Windows home user or system admin cringe. It seems the latest version of the Zeus Trojan ships with a command that will tell all infected systems to self-destruct. From the piece: 'Most security experts will tell you that while this so-called "nuclear option" is an available feature in some malware, it is hardly ever used. Disabling infected systems is counterproductive for attackers, who generally focus on hoovering as much personal and financial data as they can from the PCs they control. But try telling that to Roman Hüssy, a 21-year-old Swiss information technology expert, who last month witnessed a collection of more than 100,000 hacked Microsoft Windows systems tearing themselves apart at the command of their cyber criminal overlords.'"

58 of 418 comments (clear)

Min score:

Reason:

Sort:

I witnessed it too! by fractalVisionz · 2009-05-07 19:29 · Score: 4, Funny

It looks like slashdot was taken down by the self destruct too!
Remember... by Archaemic · 2009-05-07 19:29 · Score: 5, Funny

Hackers can turn your home computer INTO A BOMB
1. Re:Remember... by Anonymous Coward · 2009-05-07 19:33 · Score: 5, Funny
  
  The article is slashdotted right now: are these malware authors calling the Windows self-destruct function, or did they roll their own?
2. Re:Remember... by Killer+Orca · 2009-05-07 19:53 · Score: 5, Funny
  
  Great, between this and the looming threat of wireless routers, http://miscellanea.wellingtongrey.net/2007/05/27/the-truth-about-wireless-devices/ we're all doomed.
3. Re:Remember... by A+beautiful+mind · 2009-05-07 19:54 · Score: 4, Funny
  
  ...and blow your family to smithereens!
  
  --
  It takes a man to suffer ignorance and smile
  Be yourself no matter what they say
4. Re:Remember... by TrebleMaker · 2009-05-07 19:55 · Score: 5, Funny
  
  Hackers can turn your home computer INTO A BOMB
  Yeah, let's see MacGyver do THAT!
  
  --
  In Soviet Russia a beowulf cluster of these things imagines you welcoming your new, neural-network overlords.
5. Re:Remember... by supernova_hq · 2009-05-07 20:10 · Score: 4, Funny
  
  With all the capacitors in your computer, especially if you count the PS, there is more than enough material in a computer to make a decent bomb.
6. Re:Remember... by Razalhague · 2009-05-07 20:13 · Score: 5, Funny
  
  Meh, MacGyver uses local exploits. It's a completely different matter to do it remotely.
7. Re:Remember... by rapidmax · 2009-05-07 20:14 · Score: 4, Funny
  
  C'mon, they'll never use that feature, that would destrNO CARRIER
8. Re:Remember... by Hognoxious · 2009-05-07 20:47 · Score: 4, Funny
  
  I think they're infinging one of Dell's patents.
  
  --
  Confucius say, "Find worm in apple - bad. Find half a worm - worse."
9. Re:Remember... by aetherworld · 2009-05-07 20:59 · Score: 5, Insightful
  
  Actually, telling people that hackers really can turn your computer into a bomb wasn't that bad an idea. At least people feared that possibility.
  Try telling a Windows user who hasn't updated his browser in almost 8 years that evil script kiddies can turn his machine into a spam relay. They won't care because they don't know what it means and what the implications are.
  I'm speaking from experience here...
10. Re:Remember... by fredrik70 · 2009-05-07 21:02 · Score: 5, Funny
  
  OMG, that looks exactly like my wifi router back home! and my gf is working from home today!
  noes!
  
  --
  if (!signature) { throw std::runtime_error("No sig!"); }
11. Re:Remember... by Shamenaught · 2009-05-07 22:13 · Score: 5, Funny
  
  Given the amount of porno on this machine, that'd be a dirty bomb :-O
  
  --
  mysql> SELECT * FROM `places` WHERE `place` LIKE 'home`; Empty set (0.00 sec)
12. Re:Remember... by rhyder128k · 2009-05-07 22:45 · Score: 4, Insightful
  
  Am I the only one who thought, "I'd RATHER that malware corrupted a Windows installation than it sat there, harvesting data"?
  
  --
  Michael Reed, freelance tech writer.
13. Re:Remember... by ecotax · 2009-05-07 23:05 · Score: 4, Insightful
  
  Am I the only one who thought, "I'd RATHER that malware corrupted a Windows installation than it sat there, harvesting data"?
  No, but after reading the article I understand that a use case for this feature is: first harvest data, then win additional time to abuse this data by disabling the computer.
  
  --
  "Money is a sign of poverty." - Iain Banks
14. Re:Remember... by TapeCutter · 2009-05-08 00:01 · Score: 4, Interesting
  
  Yep, that would certainly be one use but my guess is they got a tip off that someone was close to indentifying them. Ever since I was stung by a dialer in the nineties I've always wondered about the impunity these guys seem to operate with. I used to think it was because nobody knew/cared but they cannot do this shit unless they also have friends in high places, especially telco places.
  
  I told the phone company all about the dialer and that I knew it was my teenage son clicking porn links, their response was basically sorry but have already paid the $300 to the Russian telco who has already paid it to the 1900 number, if you don't pay us the $300 we will not only cut you off but will alert other vendors to your unpaid bills. I told them to go ask the Russians for their money back due to obvious and traceable fraud, they cut me off, I paid, we kissed and made up.
  
  --
  And did you exchange a walk on part in the war for a lead role in a cage? - Pink Floyd.
15. Re:Remember... by Lumpy · 2009-05-08 00:40 · Score: 5, Funny
  
  Only if you piss on it. You really need that urea to finish the explosives.
  how many people will stand up and piss all over the computer just because a pop-up tells them to?
  "Stand up and pee into your computer and enter to win $1,000,000!!!!!!"
  
  --
  Do not look at laser with remaining good eye.
16. Re:Remember... by PopeRatzo · 2009-05-08 00:43 · Score: 4, Interesting
  
  Thanks for that. The guy in the picture in that article looks just like the "Desktop Support Coordinator" at the University I used to work for.
  I like the part where it says "Instead of blowing up a single plane, these groups will be able to patch into the central computer of a large airline and blow up hundreds of planes at once!" [emphasis mine]
  Anyway, the "desktop support coordinator" actually told me once that when I unplug my laptop from ethernet at night I should do so at the wall instead of at the laptop (leaving the cable plugged into the wall) because it (I swear this is true) "wastes bandwidth".
  I wanted to ask him if that was because all the bits would run out of the unplugged end of the cable and onto the floor but I just couldn't do it because he had such an earnest and absolutely convinced look on his face. At the time I was just a lecturer and I'm sure he was making twice my salary (this was before the Univ. figured out that they could just pay work-study students 6 bucks an hour to do desktop support (but after they'd figured out they could pay post-docs 7 bucks an hour to teach undergrads).
  
  --
  You are welcome on my lawn.
17. Re:Remember... by berzerke · 2009-05-08 01:02 · Score: 4, Informative
  
  how many people will stand up and piss all over the computer just because a pop-up tells them to?
  I think I've got five users that probably would. Seriously.
18. Re:Remember... by Anonymous Coward · 2009-05-08 02:58 · Score: 4, Insightful
  
  Wait, so let me get this straight: your son installed a dialer on your computer while he was unsupervised, but somehow it is the phone company's fault you were charged for it? I'm sorry, but that is one of the major things that is wrong with society. Nobody can take the blame for their own or their charges actions (yes, you child is your responsibility). It's not the phone company's responsibility to filter all outgoing calls automatically. It's not the phone company's responsibility to supervise your son's porn surfing. What you do in this instance is ground your kid or make him pay you back $300 if he is old enough to work, you don't bitch at the phone company for it.
Hardly self-destruct by clickclickdrone · 2009-05-07 19:38 · Score: 5, Informative

All it does is mess up the OS - the hardware is fine, hardly a 'nuclear option' or 'self-destruct'.

--
I want a list of atrocities done in your name - Recoil
1. Re:Hardly self-destruct by wvmarle · 2009-05-07 20:04 · Score: 5, Insightful
  
  Try explaining that to Joe Sixpack. When Windows doesn't work for whatever reason, the computer is "broken" and needs to be taken to a shop for repair. They can not tell the difference between broken hardware or broken software (and software hick-ups may of course be caused by broken hardware that still mostly functions - it is not always that easy to tell, even by experts).
  Self-destruct is imho a very apt description.
  Maybe it should be used more. Then more people would feel the pain of being infected. Of those 100,000 computers I can not imagine they can actually use the data of more than a handful of people for serious crimes. All the rest of the people is not affected until the malware disables their computer.
2. Re:Hardly self-destruct by Anonymous Coward · 2009-05-07 20:06 · Score: 5, Insightful
  
  When it leaves all your files intact.
  The thing whacks the registry. Hardly a "nuclear option"; all your files are intact. Running the repair tool off your install CD should fix this, or you can do a reinstall with "leave filesystem alone" option.
  I heard a Congressman once say, "reporters are fight promoters". If they keep overstating what's happening, we won't know how to really secure our machines.
3. Re:Hardly self-destruct by Anachragnome · 2009-05-07 20:06 · Score: 5, Interesting
  
  It is far worse.
  A friend, just last night, showed me his highly-infected laptop (please, being serious here). Not only did he have one of those "Infect the "customer", then sell them a fake cure" scams, but he had what appeared to be an everyday Trojan, with one huge difference.
  It had created a hidden partition (I deduced this from HD size discrepency between reported size and actual), copied over enough "Windows" to run as a separate OS, then nuked his normal partition OS. When he reformatted, he wasn't paying attention (didn't know any better) and didn't delete that partition. The trojan was essentially maintained, right through a reformat (albeit, an incomplete one). It was an easy mistake to make considering how many Dell/Compaq built machines come with a separate 10-20GB partition that isn't always deleted on reformat, and for that reason the numbers for HD partition space don't always add up.
  Here is where the sneaky part comes in. They nuked his OS, right?
  NOW, after he thinks everything is groovy, he starts reinstalling applications, re-entering information and passwords and re-bookmarking sites. All while the trojan watches.
  THAT is what the "nuclear winter" is for in these cases, to lull the user into a false sense of security.
4. Re:Hardly self-destruct by MrMr · 2009-05-07 20:46 · Score: 4, Insightful
  
  Try explaining that to Joe Sixpack
  What does it tell when educating the average person becomes a metaphor for an impossible task?
5. Re:Hardly self-destruct by Bigjeff5 · 2009-05-07 20:53 · Score: 4, Insightful
  
  You've missed the point. And while you apparently read part of the article, you didn't read all of it obviously.
  That or you have no idea what Data is worth. Why do you think these guys are in this business?
  The data on your machine is worth anywhere from about as much as the hardware, up to 1000+ times as much as the hardware, depending on how much cash you have in your bank account.
  What this trojan did was "nuke" the OS. If it did its job well enough the fix won't be as easy as popping in a recovery disk (if you've still got it) to fix it, though a recovery partition aught to get you back to square one at least.
  Depending on who got hit, getting their PC up and running could take anywhere from a few hours (unlikely, since that person probably runs AV software and is careful about where they visit), to a few days, to weeks depending on how often they use the machine.
  If the whole point in tanking the OS was buy time to use stolen credit card and account info, it would be pretty effective, no?
  Frankly, if all they did was somehow manage to short out the hardware without stealing any data, then it's not really much of a loss at all. Losing $50k out of your bank account, now that's a serious loss.
  
  --
  Security is mostly a superstition... Avoiding danger is no safer in the long run than outright exposure. - Helen Keller
6. Re:Hardly self-destruct by Jedi+Alec · 2009-05-07 21:06 · Score: 4, Interesting
  
  If he reformatted his C: and installed a fresh windows on there, how were files from the windows install on the hidden D: being launched by the trojan? Especially if you launch an install from a bootable device such as a CD, I don't quite see how the hidden install on the second drive would be able to interfere with the reinstall or operation of the fresh install?
  
  --
  
  People replying to my sig annoy me. That's why I change it all the time.
7. Re:Hardly self-destruct by wvmarle · 2009-05-07 21:35 · Score: 5, Insightful
  
  It means a computer has become a commodity, an appliance, rather than a high-tech toy. And that in itself is a good thing. Joe Sixpack should not need to know how the internals of his computer work, just the basics. I do expect Joe Sixpack to know about Windows and preferably the existence of alternatives, about a hard disk and what it does and how big he should want it, what a processor speed roughly means and whether he would need 1GB or 2GB or 4GB of memory for his needs. I don't expect him to be able to install an operating system, hunt down drivers to make it all work, partition the hard disk in the process, care about whether it is NTFS or FAT or whatever, and be able to know what the information on a blue screen means. I don't know how the internals of my digital camera work, but I do know what the megapixel and zoom functions mean for example. But if there is a problem with it I go back to the shop.
  To add the obligatory car analogy: I don't know how an internal combustion engine works, but I do know what it means to have say a 1.6 diesel engine in your car. When something about the car is broken I call my garage, I'm not trying to have it fixed. I know I have to add fuel, have to check oil now and then (though in modern cars that's also less and less), and how to add water for the windscreen sprinklers (dunno how you call those things in English). That's enough.
  100 years ago you would have to be able to fix your own car: they were new technology, quite rare, and for a select audience only. Cars were technically simpler at the time which also helped a lot. The same for computers. 20 years ago we were working with DOS, people owning a computer and actually being able to use it could normally also install the OS, and do low-level operations. That is not necessary anymore.
  When a computer breaks down and can not start up anymore it is often NOT trivial to figure out what is wrong. An error message is not always caused by the direct error: some minor corruption in your video driver, and then the image on your screen starts playing up. Or is it really the monitor that is not good? It's not that easy.
  OK time to stop, I start rambling, I think the point is clear.
8. Re:Hardly self-destruct by Huntr · 2009-05-07 21:52 · Score: 5, Insightful
  
  I don't know how to fix my car. I don't know how to fix my tv. I don't even know how to fix a lawn mower. If any of those break beyond something minor, someone else has to fix it for me. The computer is in the same niche for the vast majority of computer users.
9. Re:Hardly self-destruct by MrMr · 2009-05-07 21:57 · Score: 5, Insightful
  
  Thanks for my favourite car analogy.
  Do we really allow everybody to take of in a 'commodity' car and cause uncontrolled damage?
  Or do we demand proof of a minimal level of control of the vehicle, and a good insurance if things go wrong?
10. Re:Hardly self-destruct by petermgreen · 2009-05-07 22:06 · Score: 4, Insightful
  
  Running the repair tool off your install CD should fix this, or you can do a reinstall with "leave filesystem alone" option.
  Unfortunately a significant proportion of OEMs don't provide proper install CDs anymore :(. Afaict that started sometime arround the late win98/early winME era (I never bought a machine that came with 2K big brand OEM so I can't comment on what happened there).
  In the 98/ME/2K days this wasn't such a big deal since you could just borrow a CD from someone who had a proper copy. However microsofts actions with and since the release of XP have made it much more awkward to get arround this by just borrowing a CD. Big brand OEM copies are bios locked. system builder and retail copies require activation and if you use them with a big brand OEM key you are going to have to ring MS and beg for activation. Volume license copies of XP don't have this shit but using a generated key is likely to trip up WGA and using a borrowed key on any machine you don't control puts the company it was borrowed from at risk of ending up on the WGA shitlist. With vista the no-activation-requied VLK copies have gone completely.
  
  --
  note: i'm known as plugwash most places but i screwd up registering that here somehow in the past and now can't register
11. Re:Hardly self-destruct by robthebloke · 2009-05-07 22:51 · Score: 4, Insightful
  
  vista
12. Re:Hardly self-destruct by iangoldby · 2009-05-07 23:55 · Score: 4, Insightful
  
  Doing damage with a car may damage other cars, other people's property, ...
  There is no way that by normal use of a computer you can cause serious damage to other computers...
  You're joking right? Where do you think most spam comes from, distributed denial of service attacks, identity theft, etc? hint
13. Re:Hardly self-destruct by plover · 2009-05-08 00:08 · Score: 5, Interesting
  
  Actually, by "normal use of a computer" your computer can indeed cause serious damage to other computers, or to property. That's what TFA is all about.
  Let's look at "normal use of a computer." And by "normal" I don't mean "geek normal", I mean "Joe Sixpack normal".
  Joe Sixpack goes to Best Buy and buys a computer. He doesn't spend the $50 for the anti-virus software ($50 a year? The hell I will!) or $50 for a firewall (I already pay the cable company for this blue box just like it), and he dismisses every single warning, checking the "don't show me this again" box because he didn't understand it the first time. And then he surfs to the porn sites. So what we'd consider reckless behavior is pretty much "normal use of a computer".
  There are no cops to give him a ticket for surfing on unsafe equipment, because it's not illegal. Nobody's going to protect him because he's not willing to pay extra for anti-virus. And we all know that his machine is going to be turned into a zombie within 15 minutes of connecting to the internet without a firewall.
  As far as the damage goes, his zombied computer may attack and infect others. The direct costs to Joe Sixpack may include PC troubleshooting and repair, loss of data, and dealing with the theft and abuse of personal banking information. Banks are held liable to cover any fraud losses that result, and they collectively spend billions annually. And for secondary effects, we know there have been suicides due to lost money and also due to computer harassment. I don't think you can simply say that a computer can't "hurt" anybody.
  ( And this isn't about assigning blame. There's plenty of that: Joe Sixpack may be as irresponsible as they come, and dumber than average. The malware writers are common thieves. Some operating system vendors sell Swiss cheese. And every vendor in the process is happy to take Joe's money without regard to the consequences to him. )
  If cars were as unregulated as computers, very few of us would safely return home on a daily basis.
  
  --
  John
14. Re:Hardly self-destruct by NotBornYesterday · 2009-05-08 02:25 · Score: 4, Insightful
  
  You might not know how to fix your lawnmower, but I'd bet you know how to put gas & oil in it, remove dog poo from the wheels, and have the sense not to run over big, obvious rocks. By not taking basic, common-sense (oxymoron, I know, I know ...) precautions and doing basic maintenance, Joe Sixpack invites this upon himself. The information is available. The products to help protect Joe & his Wintoy are inexpensive and easy to get and use.
  
  --
  I prefer rogues to imbeciles because they sometimes take a rest.
Re:All Versions of Windows affected by daid303 · 2009-05-07 19:38 · Score: 5, Funny

You don't need any commands for that. Just let it run for a while.
I hate to say it but... by jimicus · 2009-05-07 19:38 · Score: 4, Insightful

this could actually be a good thing if it happens.
This is mostly speculation so take with as much salt as you think it needs.
Historically, there's not been an obvious connection in the mind of a user whose PC has been hacked with there being a serious problem with this. After all, most home users are probably unaware that their computer is participating in a huge DDOS attack in the first place, and ISPs have been very reluctant to police their customers.
I don't think credit card fraud through keyloggers is anywhere near prevalent enough to make people take notice either. Let's face it, a trojan which installs a keylogger and reports anything which looks like credit card details back to a known location is going to produce more valid credit card details in the space of a couple of weeks than most people could hope to use in a lifetime of fraud so even if your card details are stolen this way, I'm not sure there's a huge chance they'll ever be used.
But if the trojan hoses the host PC along with all the family photographs and all the music they've paid good money for - ah, now that might actually make people realise that there's a problem.
1. Re:I hate to say it but... by arkhan_jg · 2009-05-07 19:59 · Score: 5, Informative
  
  This kind of destructive behaviour is what most ordinary people still associate with viruses; if it's not hosing the computer entirely, it's nothing to worry about. That they're partly responsible for the spam tsunami, and that their credit card details might be leaking all over the place, just simply doesn't seem to be on their radar.
  so they keep that 3 month trial of norton they got with the computer 3 years ago, and think they're safe because their computer hasn't blown up yet.
  Plus they have a remarkable tolerance for popups - the amount of pcs I get asked to look at because they're 'a bit slow' that are utterly riddled with spyware, maladware and a notification area that fills half the start bar, and are hitting swap space as soon as they boot up...
  
  --
  Remember kids, it's all fun and games until someone commits wholesale galactic genocide.
2. Re:I hate to say it but... by mcrbids · 2009-05-07 20:08 · Score: 5, Informative
  
  But if the trojan hoses the host PC along with all the family photographs and all the music they've paid good money for - ah, now that might actually make people realise that there's a problem.
  I take it you have no experience dealing with "the public" and computers. They get horked, they see weird popups, and have no idea that it's really unusual. It's all "black magic" to them, anyway, so they don't differentiate much between a "Are you sure you want to NNN" and "Sending bomb threat to Pres Obama" messages.
  If it has an OK button, they'll click on it to get it out of their face.
  Once, I was doing tech support, and the customer was complaining about a condition, and I was SURE that the instructions for how to fix the condition were being displayed to the end user, who adamantly denied it. I walked her through the process, step by step, and at the appropriate point, asked her if any warning box or anything showed up. She said she saw nothing.
  So I set up a remote desktop session, had the customer perform the software procedure again, slowly, so I could see what happened. She clicked slowly, step by step, and then, at the appropriate point, I saw a brief white flash before she told me that, once again, nothing had happened.
  So I told her to take her hand OFF THE MOUSE while I performed the sequence myself.
  This time, as expected, the dialog box popped up explaining what the problem was, and exactly what to do to fix it. When I asked if she'd ever seen it before, she said "Oh yeah, I just click OK whenever I see it". I pointed out to her the first sentence in the box, which was something like "WARNING: read this carefully or you will probably lose important data!". Somehow, "lose important data" was not the same as "Why isn't the program remembering what I typed?".
  And this was no idiot - she was a well trained, college/university graduated professional!
  There is lots of humor in society about the stupidity of the average Joe. Remember that, by definition, half of everybody is even dumber than that. Sad, when you think about it, huh?
  
  --
  I have no problem with your religion until you decide it's reason to deprive others of the truth.
3. Re:I hate to say it but... by williamhb · 2009-05-07 20:55 · Score: 4, Insightful
  
  This time, as expected, the dialog box popped up explaining what the problem was, and exactly what to do to fix it. When I asked if she'd ever seen it before, she said "Oh yeah, I just click OK whenever I see it". I pointed out to her the first sentence in the box, which was something like "WARNING: read this carefully or you will probably lose important data!". Somehow, "lose important data" was not the same as "Why isn't the program remembering what I typed?". And this was no idiot - she was a well trained, college/university graduated professional! There is lots of humor in society about the stupidity of the average Joe. Remember that, by definition, half of everybody is even dumber than that. Sad, when you think about it, huh?
  Your users are not stupid; they have simply been desensitised by an endless stream of trivial messages marked "Warning" and "Important", and have intelligently deduced that those words are not meaningful because they are attached to every dang message and pop-up they receive. Ever notice how many pieces of trivial junk mail have the word "Important" on them? "Important notice for car-owners" about the latest insurance offer. "Warning! You may be paying too much for your haircut", etc. And recorded phone calls... "This is an important announcement about your finances ... call Rip-Off-Consolidators Ltd for the best deals in town". Not to mention the endless stream "Warning! Contents of this coffee cup may be hot" [I dang well hope so]. And the "Important" license agreements that are actually irrelevant to your staff when they start corporate-installed software for the first time [the company has already made that decision], but must nonetheless click through. The "Important" email announcement about HR training on the safe way to open an envelope (warning of the terrible dangers of a paper cut)... The "important" notice on the intranet page about staff inductions (the only useful content of which is "where's the stationery kept").
4. Re:I hate to say it but... by Bigjeff5 · 2009-05-07 20:57 · Score: 5, Funny
  
  And this was no idiot - she was a well trained, college/university graduated professional!
  Just pointing out that these two things are not mutually exclusive.
  Cheers!
  
  --
  Security is mostly a superstition... Avoiding danger is no safer in the long run than outright exposure. - Helen Keller
5. Re:I hate to say it but... by JordanL · 2009-05-07 21:18 · Score: 4, Informative
  
  There is lots of humor in society about the stupidity of the average Joe. Remember that, by definition, half of everybody is even dumber than that. Sad, when you think about it, huh?
  Wouldn't that be the stupidity of the median Joe?
  
  Just sayin'.
  
  --
  FanFictionRecs.net
6. Re:I hate to say it but... by u38cg · 2009-05-07 23:04 · Score: 4, Funny
  
  Welcome to Slashdot, where the median poster knows what a bell curve is ;)
  
  --
  [FUCK BETA]
I can't wait to see.... by lordofthechia · 2009-05-07 19:40 · Score: 5, Funny

The next "I'm a PC, I'm a Mac" commercial is gonna rule!
Mac: Umm... PC.... why are you stabbing yourself repeatedly with that pen...

--
Georgia Tech, the leader in Chia(tm) technology.
Is physical destruction even possible? by phantomcircuit · 2009-05-07 19:49 · Score: 4, Interesting

Could you screw with the voltage and thermal thresholds to cause a system to literally self destruct?
1. Re:Is physical destruction even possible? by MrEricSir · 2009-05-07 20:02 · Score: 4, Informative
  
  It's possible, at least to some extent. Old CRTs could be fried with bad programming. Modern CPUs usually have a thermal fail safe (i.e. a reboot) but not every component does this. I'm pretty sure my Radeon doesn't have this feature, since it gets hot as hell if I let it run for too long.
  Another interesting option is USB. I believe it's possible to alter the USB power with a software driver. Just set the power level to over 9000, and your peripherals will fry.
  
  --
  There's no -1 for "I don't get it."
2. Re:Is physical destruction even possible? by Zapotek · 2009-05-07 20:09 · Score: 5, Informative
  
  There already are overclocking tools that do exactly that.
  Control the fans, the temperature threshold, cpu freq etc...
  I don't see why a worm or other malware can't do the same thing.
The feature I've been waiting for by Opportunist · 2009-05-07 19:51 · Score: 4, Insightful

The way you say that makes it sound like it's a bad thing...
So, essentially, you're telling me that people who get infected are at risk of losing their PC's data. People unable or unwilling to keep their PCs secure might suffer the consequences thereof themselves instead of only posing a threat to others on the net, through spam, DDoS or spreading more malware.
Care to explain where the negative aspect is?

--
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
Upgrading the hard way by Virtually+Sane · 2009-05-07 19:54 · Score: 5, Funny

The things Microsoft will do to make you upgrade to Vista :)
Did the author miss the obvious? by Speed+Pour · 2009-05-07 20:12 · Score: 4, Insightful

There's at least one other reason that the botnet holder may have opted to kill it....If he downloaded something that gave him a reason to freak out. Imagine a scenario where you're looking through some stolen data and realize you just picked up information about a government run weapons facility or assassination plans. The dumbest thing you could do is leave tracks, but since that's already been done, you might as well try to destroy your tracks and hope nobody notices.

On a side node, between the semi-bogus slashdot headline and the wildly sensationalized article, which is also misleading on at least a couple of points, there's surprisingly little news here. If more accurate information was in that article, it might be different.

--
- Nobody would know what RTFA meant if it didn't need to be said all the time
Short report on Zeus trojan by steveha · 2009-05-07 20:16 · Score: 4, Informative

The summary and TFA are rather light on the details I wanted. Here's what you need to know about Zeus:
It's a Trojan that takes over Windows computers. It is being spread through phishing tricks. It is designed to be easy to use, so script kiddies can just pay US$700 to get the Zeus kit and start building botnets to steal data such as credit card numbers.
http://searchsecurity.techtarget.com/news/article/0,289142,sid14_gci1310679,00.html
One feature of Zeus is the "kos" command, for "kill operating system". This wipes out the Windows Registry and the OS files. Usually, black hat hackers don't want to kill systems they 0wn, but recently Roman Hüssy saw a whole botnet get the kos command. TFA listed three possible reasons for this: 0) rival black hat hackers might have gained enough control of a botnet to issue the kos command, to deny the botnet to its 0wners; 1) the hackers might have issued the kos command by mistake or due to incompetence; or 2) the hackers issued the kos to cover their tracks, and give them more time to use stolen data.
That last theory makes some sense to me. If the system is still intact, the owner of the system may figure out that his system was 0wned. The kos will wipe out the evidence of Zeus as well as the OS, so all the owner really knows is that Windows really crashed hard this time.
steveha

--
lf(1): it's like ls(1) but sorts filenames by extension, tersely
1. Re:Short report on Zeus trojan by SpooForBrains · 2009-05-07 20:30 · Score: 4, Insightful
  
  or 4) they did it for shits 'n giggles. Possibly while either drunk or high.
  
  --
  "The dew has clearly fallen with a particularly sickening thud this morning"
Re:Auto destruct by noundi · 2009-05-07 20:22 · Score: 5, Funny

Go home dad, you're drunk.

--
I am the lawn!
Re:WTF by MrMr · 2009-05-07 20:41 · Score: 5, Funny

The problem is the slashdotters are in an unresolvable emotional deadlock.
Do we cheer for destroying 100000 infested Windows installations, or do rage at the crapware producers who make this possible...
Re:Leave Windows Alone by dbIII · 2009-05-07 21:14 · Score: 4, Funny

Of course. MS Windows security is like her underwear. Even when it is on it is excessively complicated, doesn't cover much and is very easy to remove.
Re:All Versions of Windows affected by Z00L00K · 2009-05-07 22:03 · Score: 4, Interesting

Any machine today can self-destruct given the right circumstances.
The problem lies in the fact that all computers have a flash bios that usually isn't write protected in hardware.
And hard disks have their firmware in flash, which also can result in "interesting" permanent crashes.
So if a hacker wanted to give a certain operating system bad credit all that's needed is to prepare a huge botnet and then blow the machines.
Counter-productive - yes, but don't expect the internet to be free of vandals. We have vandal-protected ATM:s and a lot of things are suffering from vandalism even though there is no reason, so why not your machine?

--
If builders built buildings the way programmers wrote programs, then the first woodpecker would destroy civilization.
Re:Zeus Trojan by ledow · 2009-05-08 00:30 · Score: 4, Informative

I beg to differ, given the example in the same post you just replied to. Anything that registers to *read* a file in Explorer can spawn *real* processes (i.e. full copies of Adobe Reader) in the background in order to extract... the Author, Title, maybe a thumbnail.
I would call that "without your knowledge" (I don't remember seeing a security popup for that, even with non-privileged executables), "beyond reasonable means of disabling such facilities" (without uninstalling the entire damn program, or fiddling with associations by hand, and even they're just guesswork to what it actually would do) and "automatic" (I don't remember ever seeing *anything* tell me that it would be loading up every time I hover over a file in explorer). I'd add "out of your control" if you're a non-techy user, which is who Windows is *designed* for.
Additionally, this is STILL where 99% of viruses are coming from and the methods they using to propogate. Don't kid yourself that you'll *always* get a popup for these things, even with UAC. It's just NOT true. There are an unbelievable number of things running all the time that you have so little control over, they are effectively automatic and unstoppable to the vast majority of users. Hell, most users can't even stop LEGITIMATE apps like Quicktime, Realplayer, Java, etc. from running on startup and putting themselves in the taskbar without cancelling the setup entirely. It's up to the *application* to provide that interface most of the time, with a handful of registry locations / undocumented programs for the experienced user.
So you have two options. Never install software on Windows (might as well be running Linux, then!) or install software which puts itself into places you stand little-to-no hope of ever finding out / removing / undoing.
Install fresh machine. Put to latest patch level. Tell user to click everything they find online (but never "Yes" to a security dialog), insert every USB flash device they ever come across into it. Do you think they'll last a week before it blows up in their face? Do you think they can still get *anything* done?
(I'll tell you now, my non-Windows machines pass that test quite, quite flawlessly... Mac is the closest to having problems in that regard)
Install fresh machine. Put to latest patch level. Install bunch of commonly used programs from trusted sources in order to be able to run most websites, most programs out there. Don't install anything else. How much CRAP is in your taskbar that you can't *easily* get rid of without running the program in question and relying on there being a "don't run on startup" option? THIS IS A CONSUMER OS. Doing something *simple* like accidentally installing one antivirus program while another is running will bring a Windows machine to a complete, unusable halt (I've even dealt with bluescreens because of that exact situation) out of which the user has little hope of recovering without professional help.
Operating systems have two choices: Expect arbitrary executables, and cover your arse as much as you can so that the *user* is always in control. Or forbid arbitrary executables.
The second one is what businesses, governments, and the military should be using. Everyone else needs *real* uninstall, proper program sandboxing, a "Task Manager" that cannot be intercepted or delayed no matter what the computer is doing, the facility to bypass, turn off, or otherwise disable ANY change that's made to the system without having to know what that was. (i.e. a "Last Known Good Configuration" that includes only the software installed at that time).
It really comes to something when I can spend an hour waiting for a PC to load because the user has filled it up with (non-damaging) cruft on their own accounts and it take *literally* hours to fix, even in "Safe Mode". Too much opportunity for crap, not enough control.
Re:WTF by Lumpy · 2009-05-08 00:35 · Score: 4, Funny

Cheer that the Windows Malware has escalated to the point that MAYBE, just MAYBE the average joe will pay attention.
Hey, Joe! yeah you! Windows machine can be destroyed by viruses.
Nahhh. I doubt it. These morons will still click on every pop-up and run every attachment sent to them.
"it told me my virus definitions was out of date in a shaking windows box. The computer must have been scared! so I clicked on it!"

--
Do not look at laser with remaining good eye.