Slashdot Mirror


Korean DDoS Bots To Self-Destruct

tsu doh nimh writes "Several news sources are reporting that the tens of thousands of Microsoft Windows systems infected with the Mydoom worm and being used in an ongoing denial of service attack against US and S. Korean government Web sites will likely have their hard drives wiped of data come Friday. From The Washington Post's Security Fix blog, the malware is 'designed to download a payload from a set of Web servers. Included in that payload is a Trojan horse program that overwrites the data on the hard drive with a message that reads "memory of the independence day," followed by as many "u" characters as it takes to write over every sector of every physical drive attached to the compromised system.' ChannelNews Asia carries similar information."

16 of 501 comments

  1. Really that bad of a thing? by Immostlyharmless · · Score: 5, Insightful

    You have to imagine if these computers are all infected with this one trojan, they are probably infected with god only knows how much other spyware, malware, backdoors, and spambots. This might just be a GOOD thing; when these compromised twits wake up to a completely wiped drive, it might be the thing that drives them to read up on computer security a little bit, perhaps switch to a more secure browser, buy a router with a hardware firewall, etc. Not to mention, it will also wipe out all the aforementioned crapware.

    1. Re:Really that bad of a thing? by tsa · · Score: 4, Insightful

      Forget it. They will just buy a new computer because their old one is 'broken.'

      --

      -- Cheers!

    2. Re:Really that bad of a thing? by Patrik_AKA_RedX · · Score: 5, Insightful

      More likely they'll complain their kid's game broke their computer, buy a new one and continue punching the monkey.

    3. Re:Really that bad of a thing? by clarkkent09 · · Score: 5, Insightful

      This seems to be a popular view here on Slashdot but it ignores the fact that 90% of the computer users neither understand nor should have to understand a single bit of what the hell you are talking about. It should be considered a failure on the part of the computer industry to be making products that are incapable of being used for storing important data without expert level knowledge on how to secure it. We in that industry should start admitting that the issue is our fault instead of calling people twits for not knowing what a "router with a hardware firewall" is. Oh, and you can blame MS all you want but the truth is that Linux, if as widely adopted and used by ordinary computer illiterate users, and as targeted by the malware writers as Windows is, wouldn't be a whole lot better.

      --
      Negative moral value of force outweighs the positive value of good intentions.
    4. Re:Really that bad of a thing? by mlts · · Score: 4, Insightful

      This reminds me of the '90s and MS-DOS viruses. At first, people didn't care because stuff like Brain, et al. were annoying but not malicious. Then came more and more destructive variants. Once BIOSes started getting zapped, people started making sure that they downloaded from a clean source and used AV protection.

      Times are similar now. Malware used to be annoying because it was fairly crappy code that bogged down a machine. These days, because malware has matured to the point where a user doesn't even know it is present on a system, they tend not to care. Such as the attitude of "I'll do what I want on my computer, if I get my machine slowed down, Geek Squad will fix it for me". If some malicious software bit them, wiping everything on a widespread basis, it might spur Joe Sixpack into not using IE with all settings set to "Low" because the pr0n sites don't complain that way.

      However, having a lot of clueless users get their data zapped isn't a good thing overall. A lot of them will not do a thing for their own security. Instead, they will beg the lawmakers to do something, and feel-good (or more aptly, feel-"secure") legislative solutions rarely address international problems. Lots of bad things can happen down this path, from mandated "security" software to be on machines, to efforts to make PCs closed appliances like video game consoles.

  2. +1 Insightful by zooblethorpe · · Score: 4, Insightful

    This might just be a GOOD thing; when these compromised twits wake up to a completely wiped drive, it might be the thing that drives them to read up on computer security a little bit, perhaps switch to a more secure browser, buy a router with a hardware firewall, etc. Not to mention, it will also wipe out all the aforementioned crapware.

    Precisely my thought on reading the summary -- good riddance to some severely compromised systems on the one hand, and on the other, I sincerely hope the users gain a clue.

    Getting hit with the clue bat hurts. Otherwise, folks tend not to remember.

    Cheers,

    --
    "What in the name of Fats Waller is that?"
    "A four-foot prune."
  3. Re:U ? by Anonymous Coward · · Score: 5, Insightful

    u in binary (yeah, I know what you meant):
    1010 0101

    I would have expected
    0101 0101
    which is "U"
    (or 1010 1010, but that doesn't seem to be a nice ASCII character I can type)
    Hmm, maybe it is a capitalization error on someone's part, or maybe they just like the palindromic nature of 1010 0101?

  4. Re:Omg, think of the pr0n by Patrik_AKA_RedX · · Score: 4, Insightful

    Let's hope the guy who's good at curing cancer is also good at making backups...

    Seriously. It overrides every attached HD. How well does a RAID stand up to that in terms of data protection? Or an attached USB HD?

  5. Well... by TheSpoom · · Score: 4, Insightful

    Sucks to be running Windows.

    *gets back to work in gedit*

    --
    It's better to vote for what you want and not get it than to vote for what you don't want and get it.
    - E. Debs
  6. happy ending by Errtu76 · · Score: 5, Insightful

    I'm glad there's a happy ending to this story. Thousands of unpatched Windows machines will cease to exist, hurray!

  7. Re:Apple viral marketing campaign by evilviper · · Score: 5, Insightful

    Actually, it CLEARLY is a plot. It should be pretty obvious to everyone...

    It was designed to attack less important government websites, while keeping collateral damage to a minimum... No attempts on the power grid, FAA, etc., and no private companies affected.

    Joe Lieberman went up before a room full of press and cameras and said, (roughly) "If this was someone sending us a message, we got it loud and clear."

    Plus, it launched on July 4th, not a particularly significant day for North Koreans... And while anybody could look it up, who here can say they know the dates of big Chinese holidays? Really?

    And now, it's doing exactly what good worms NEVER do... Killing their hosts, and themselves, suddenly, flagrantly, and unnecessarily. Exactly what any of us would wish to do with zombie PCs.

    So, it seems pretty damn likely it was in fact anti-malicious. Some misguided white-hat who thinks drawing attention and causing a small bit of undeniable pain is the only way to make things get better. Frankly, it sounds like the ideal NSA fund raiser...

    --
    Slashdot gets worse every day... Pipedot: News for nerds, without the corporate slant
  8. Re:Apple viral marketing campaign by Opportunist · · Score: 4, Insightful

    It sounds more like the destruction of evidence. But then again, why'd I want to do that if I was already identified as the culprit? What could I gain? If anything, I'd want the attack to continue indefinitely, even after I've been wiped out, so as to maximize the damage to my enemy even if I should not survive it.

    To anyone playing chess: If you can't save your queen, make sure you can trade it for his.

    --
    We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  9. And something of value was gained? by AliasMarlowe · · Score: 5, Insightful

    Bots and other malware that do no appreciable harm to their hosts have made users complacent about keeping their systems clean (or preferably secure). In the meantime, the collateral damage of spamfloods, spyware, and DDOS attacks has been inflicted on the whole community. An exemplary episode in which the infected machines actually suffer may wake users up again. Windows users are, as usual, the witless accomplices/culprits in this case, but Macs can be just as easily penetrated (demonstrated in the hackfests each year), and poorly administered Linux/BSD/Solaris systems can also be vulnerable.
    Let the vendors of protective measures celebrate! Sales of anti-virus, anti-spyware, anti-rootkit, firewalls, and so forth may benefit. The publicity may even cause some security holes to be patched, and better practices to become default. Maybe the rest of us will benefit...

    --
    Those who can make you believe absurdities can make you commit atrocities. - Voltaire
  10. Re:good... by calmofthestorm · · Score: 4, Insightful

    I care because their compromised machines mess with mine.

    --
    93rd rule of Slashdot: No matter how obvious my sarcasm is, my comment will be taken seriously by someone.
  11. Re:Brainwashing is in the eye of the beholder by EdIII · · Score: 5, Insightful

    Point taken. However, most people in the U.S think that their leaders are full of crap. Not much different than most parts of the world.

    However, in North Korea, the average citizen has practically zero access to information from the outside.

    So if brainwashing was say... at a 3/10 in the U.S, it's a 10/10 in North Korea. I mean, come on, your hands rotting off by picking up a piece of paper? It's not like the levels of bullshit are equal in the scope of the lies they represent or their damage.

    I did not bring up the point to say America is "number one" and that our crap does not stink, just wanted to point out that with all the brainwashing going on in North Korea it is a fact that the average North Korean hates and fears us. To say that July 4th is not a significant day in their lives is just incorrect. That's all I was sayin'.

  12. Re:first post.. by stuntpope · · Score: 4, Insightful

    And anything that may get the average S. Korean to take computer security seriously and not roll their eyes dismissively when you make secure practice recommendations, is a plus in my book.