Slashdot Mirror


Malware Targets Shortcut Flaw In Windows, SCADA

tsu doh nimh writes "Anti-virus researchers have discovered a new strain of malicious software that spreads via USB drives and takes advantage of a previously unknown vulnerability in the way Microsoft Windows handles '.lnk' or shortcut files. Belarus-based VirusBlokAda discovered malware that includes rootkit functionality to hide the malware, and the rootkit drivers appear to be digitally signed by Realtek Semiconductor, a legitimate hi-tech company. In a further wrinkle, independent researcher Frank Boldewin found that the complexity and stealth of this malware may be due to the fact that it is targeting SCADA systems, or those designed for controlling large, complex and distributed control networks, such as those used at power and manufacturing plants. Meanwhile, Microsoft says it's investigating claims that this malware exploits a new vulnerability in Windows."

19 of 214 comments

  1. Interesting by Anonymous Coward · · Score: 1, Funny

    Maybe Realtek has sinister plans other than making crappy drivers?

    1. Re:Interesting by Jeng · · Score: 2, Funny

      Funny, when I have people complaining about their audio on their computers I direct them to download the Realtek drivers to solve it.

      --
      Don't know something? Look it up. Still don't know? Then ask.
    2. Re:Interesting by fuzzyfuzzyfungus · · Score: 4, Funny

      At least, unlike HP and Creative, they have yet to master the art of making crappy drivers larger than entire operating systems of just a few years ago...

    3. Re:Interesting by w0mprat · · Score: 3, Funny

      USB is handled much more securely than floppies ever were :S

      --
      After logging in slashdot still does not take you back to the page you were on. It's been that way for 20 years.
  2. That's what you get... by MrEricSir · · Score: 4, Funny

    ...for taking shortcuts.

    --
    There's no -1 for "I don't get it."
    1. Re:That's what you get... by Monkeedude1212 · · Score: 1, Funny

      *Shades*
      Yyyyyyyyyyyyyeeeeeeeeeeeaaaaaaaaaaahhhhhhhhhh

  3. Windows users are capable of using shortcuts? by Hurricane78 · · Score: 1, Funny

    I thought they would barely manage to point and click, and the keyboard was a mystery to them, just like the whole UI is designed to train them to behave...
    I doubt more than 5% of the (l)users actually know what a shortcut is, considering how they are intentionally hidden away as deep as possible, or even completely removed.
    (I’m not hating Windows specifically. “modern” [aka. “dumbed down beyond being usable”] KDE/Gnome and OSX UIs often are not much better nowadays. :/ But there are some competent UI designers out there. E.g. the Maya ones. :))

    --
    Any sufficiently advanced intelligence is indistinguishable from stupidity.
  4. Re:Windows for SCADA? WTF?! by hedwards · · Score: 2, Funny

    Not Secure OS 2k11, it includes an epoxy substance to jam in the USB ports and floppy if applicable.

  5. Solution by mark72005 · · Score: 4, Funny

    They should avoid holding the USB drive that way.

  6. Re:Windows for SCADA? WTF?! by jd · · Score: 3, Funny

    If the reliability of an embedded system is 1, and the reliability of a Windows system is i, then the modulus of the reliability of the two systems is the same.

    --
    It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
  7. Re:Windows for SCADA? WTF?! by Anonymous Coward · · Score: 1, Funny

    If the reliability of an embedded system is 1, and the reliability of a Windows system is i

    Windows' reliability can only be expressed as an imaginary number?

    Thanks, that explains a lot!

  8. Re:Windows for SCADA? WTF?! by sexconker · · Score: 4, Funny

    Windows' reliability can only be expressed as an imaginary number?

    Thanks, that explains a lot!

    Better yet, if you have 2 independent systems running at the same time mirroring each other, the odds of failure are the odds of both of them failing at the same time.

    (1 - i)(1 - i)
    Or 1 -2i + i^2
    And the reliability is thus
    1 - [1 -2i + i^2]

    Which is 1 - 2i.

    Get a pair of pairs...

    1 - 4i^2 = 5.

    Four Windows boxes and you've got a reliability of 500%!

  9. Re:Windows for SCADA? WTF?! by jd · · Score: 3, Funny

    Ok, I am never flying on a Boeing again. Or any other aircraft. And given that modern computers on cars now use regular ethernet and unsecure protocols (see the papers on successful methods for injecting false commands to the engine and braking systems), I'm going to stay clear of the roads as well. Hell, just get me a Dyson Sphere on some star in some remote galaxy - and a wormhole so I can continue reading Slashdot. Gotta have Slashdot.

    --
    It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
  10. Re:Default SQL username and password in HMI by fuzzyfuzzyfungus · · Score: 3, Funny

    Wow. That is some incredible quality there.

    I'm assuming that this product is of the "Well, it sucks ass; but at least it was incredibly expensive..." school of enterprise software design?

  11. Re:Windows for SCADA? WTF?! by kd5zex · · Score: 2, Funny

    The funny thing is that I work with a lot of GE products.

    Sorry to hear that, if I ever catch up to you in the field I will pick up your bar tab.

  12. Re:Windows for SCADA? WTF?! by slick7 · · Score: 2, Funny

    The vector is the windows machine that is networked (stupidly) to older non windows boxen that do the SCADA work.

    In theory, an attacker could manipulate the SCADA machines and cause disruption.

    I worked with non-windows SCADA systems. Any windows boxes operated with proprietary software and proprietary communication keys. Without the keys, you have nothing. If any dickwad engineer insisted on windows communications, they deserve exactly what they get and I hope it's a Dell.

    --
    The mind conceives, the body achieves, the spirit manifests.
  13. Re:Windows for SCADA? WTF?! by L4t3r4lu5 · · Score: 3, Funny

    "Windows recently downloaded and installed an important security update to help protect your computer. This update required an automatic SCRAM of your reactor."

    --
    Finally had enough. Come see us over at https://soylentnews.org/
  14. Re:Windows for SCADA? WTF?! by Anonymous Coward · · Score: 1, Funny

    ... hoping to become an unemployed UNIX admin.

  15. Re:Windows for SCADA? WTF?! by Anonymous Coward · · Score: 1, Funny

    Wow, 500%... and to think I would have been happy with a mere 100%