Many Hackers Accidentally Send Their Code To Microsoft

← Back to Stories (view on slashdot.org)

Many Hackers Accidentally Send Their Code To Microsoft

Posted by Soulskill on Friday August 27, 2010 @01:30AM from the not-the-brightest-cookie-in-the-shed dept.

joshgnosis writes "When hackers crash Windows in the course of developing malware, they'll often accidentally agree to send the virus code straight to Microsoft, according to senior security architect Rocky Heckman. 'It's amazing how much stuff we get.' Heckman also said Microsoft was a common target for people testing their attacks. 'The first thing [script kiddies] do is fire off all these attacks at Microsoft.com. On average we get attacked between 7000 and 9000 times per second.'"

8 of 220 comments (clear)

::head shake:: by Pojut · 2010-08-27 01:33 · Score: 5, Funny

Fucking script kiddies...in MY day, we actually HACKED.
Wait, I was born in '84...

--
Living With a Nerd
1. Re:::head shake:: by oodaloop · 2010-08-27 01:40 · Score: 5, Funny
  
  Soooooo should I get off your playground, or what?
  
  --
  Tic-Tac-Toe, Global Thermonuclear War, and relationships all have the same winning move.
So now crackers have a new way to attack Microsoft by tomhudson · 2010-08-27 01:41 · Score: 5, Interesting

An application that generates random gibberish that "look" like a script, then sends it embedded in a fake crash dump to Microsoft for analysis.
"Fuzzing" isn't limited to code on the local machine any more - you can now try it on Microsoft employees.
Then add further fake crash dumps from legitimate apps that didn't crash; enough of them, from enough machines, and Microsoft will be looking for non-existent bugs.
Re:But by maxwell+demon · 2010-08-27 01:46 · Score: 5, Funny

Yes, that's because they live in basements where windows wouldn't be of any use anyway.

--
The Tao of math: The numbers you can count are not the real numbers.
Of course! That's how windows is written. by tekrat · 2010-08-27 02:15 · Score: 5, Funny

Thousands of hackers across the globe send their malware, virii, and trojans to Microsoft, where it is collected, pieced together and compiled. Then MS puts it in a box and calls it an OS.
If you notice, there is a direct correlation between the number of hackers sending their code to MS and the amount of bloat in each new software package released by MS.
Another mystery solved! You're welcome.

--
If telephones are outlawed, then only outlaws will have telephones.
Very confusing article by microbee · 2010-08-27 02:15 · Score: 5, Insightful

The article is talking about two things: developing virus (and sending crashdump to Microsoft) and attacking Microsoft.com. These are not the same thing.
And a crashdump containing virus does not mean it's the hacker that sent it. It could well be the victim. So while the speaker wants to say something entertaining, I wonder how truthful it actually is.
Re:How Does It Encapsulate the Source Code? by Len · 2010-08-27 03:35 · Score: 5, Funny

RTFA
But it's all the way in Australia!
Re:How Does It Encapsulate the Source Code? by thePowerOfGrayskull · 2010-08-27 03:59 · Score: 5, Informative

Not sure why this is modded insightful. RTFA doesn't answer the question, except to say

When the hacker's system crashes in Windows, as with all typical Windows crashes, Heckman said the user would be prompted to send the error details — including the malicious code — to Microsoft. The funny thing is that many say yes, according to Heckman.
it doesn't explain how the "error details" comes to be "including the malicious code". He goes on to say

"People have sent us their virus code when they're trying to develop their virus and they keep crashing their systems," Heckman said. "It's amazing how much stuff we get."
System crash implies a bluescreen - which further implies a memory dump -- but R-ing TFA doesn't answer the question one way or the other.