Slashdot Mirror
When Viruses Infect Worms
An anonymous reader writes "Bitdefender reports that there exist viruses which, when they encounter other viruses, will merge and combine effects so that they create a new virus. 'A virus infects executable files; and a worm is an executable file. If the virus reaches a PC already compromised by a worm, the virus will infect the exe files on that PC — including the worm. When the worm spreads, it will carry the virus with it. Although this happens unintentionally, the combined features from both pieces of malware will inflict a lot more damage than the creators of either piece of malware intended. While most file infectors have inbuilt spreading mechanisms, just like Trojans and worms (spreading routines for RDP, USB, P2P, chat applications, or social networks), some cannot replicate or spread between computers. And it seems a great idea to “outsource” the transportation mechanism to a different piece of malware (i.e. by piggybacking a worm).'"
Did anyone else get a mental image of a bacterium waving a cowboy hat riding a giant sandworm? ...clearly I need more coffee.
It's better to vote for what you want and not get it than to vote for what you don't want and get it.
- E. Debs
Although this happens unintentionally, the combined features from both pieces of malware will inflict a lot more damage than the creators of either piece of malware intended.
They're doing this on their own!
Pretty soon they'll become sentient and we all know what happens then!
Only a million trillion times faster than it happens in the real world. I for one welcome our sentient viral overlords.
I don't believe for a second that it's possible for a virus and a worm to combine to produce a more dange
For your security, this post has been encrypted with ROT-13, twice.
Just take over an existing structure. Now you know corporations work.
FUD He may as well have said that the Frankenware might be missed by some virus scanners because the file modification time is different. Or the filename. I smell profit-inspired FUD.
Remember back in the days when BackOrifice used to come with a CIH payload?
Why does this bring back vague memories of that John Brunner classic, "The Shockwave Rider"? It's been about 30 years since I read it, so I can't recall if the protagonist wrote a "worm" that infected another worm, or just destroyed it/replaced it or something.
Slashdot refuses to publish a story: Bonch is massively butthurt.
http://xkcd.com/350/
Whaaaaa... why won't anyone take me seriously? I mean I spammed this on almost every thread and still no one will take me seriously!!?? whaaaa whaaaaaaaaaaaaaa
Fanboy Status: Apache Flex, C#, Eclipse, KDE, Pirate Party, Ron Paul, Slackware, Windows 7
cool story, bro
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
Herpes infecting aids
Obviously we have an asshole of the first order with nothing else to do.
Naw, I bet it's a script, makes replying useless. /. should tag a few parts of the spam so that when posted it receives an error and doesn't successfully post. Even if they just put the restriction in temporarily it should still have the appropriate effect. I'm rather surprised they haven't done that yet.
Don't know something? Look it up. Still don't know? Then ask.
Context switching in biology allows viruses to infest genomes of many sizes.
http://scratch.mit.edu/projects/GeneMachine/51835
Mamaviruses have a Sputnik virus that reporgrams the Mamavirus which reporgrams an amoeba.
http://en.wikipedia.org/wiki/Mamavirus
CRISPR is how bacteria learn to modify their immune system to respond to viruses.
CRISPR may be the first example of a memory system.
http://en.wikipedia.org/wiki/CRISPR
This memory may have lead to a bio side effect called intelligence.
Combined with quorum sensing a truly intelligent multicellular system may evolve.
http://en.wikipedia.org/wiki/Quorum_sensing
Chomsky may have to change his definition of languages to include context switching.
Context Switching is what computers do poorly due to determinism.
Without context switching artificial intelligence may never be possible?
Did anyone else start reading the summary assuming it was a story on biology? Here's how I first read it:
"Bitdefender reports that there exist viruses which, when they encounter other viruses, will merge and combine effects so that they create a new virus. 'A virus infects executable flies;
Instead of staring at the word "flies" which was actually "files", instead my eyes backed up and were focused on executable. What did it mean for a fly to be executable?
Free unix account: freeshell.org
Welcome to the funny world of microsoft's windows...
Pathetic.
And that's how you get Windows Millennium Edition.
Inheritance is the sincerest form of nepotism.
on that POS getting a BSOD when software trys to do this may be a good thing as the system can crash before it can do real damage
I heard you like malware, so we put a virus in your worm so you can be p0wn3d while you get p0wn3d!
We also replaced you coffee with Folger's meth crystals(tm), and got chocolate in your peanut butter. It's two, two mints in one!
the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff
So nat'ralists observe, a flea
Hath smaller fleas that on him prey,
And these have smaller fleas that bite 'em,
And so proceed ad infinitum.
--Jonathan Swift.
For all intensive purposes, "whom" is no longer a word. That begs the question, "who cares"?
What does it mean!?
Nobody cares what the CAPTCHA for your post was.
The sad part is even the nerd hero of Slashtards Linux Turdburglar uses a Mac.
is always creepy.
Si, we have a software then can change other software to create a 3rd new working piece OS software.
Sounds like life to me.
The Kruger Dunning explains most post on
I think it's because there is no one left to care about it. /. is on life-support administration-wise.
no one gives a fuck about your conspiracy theory
This has been a known reality for a very long time. I remember discussing this exact subject with colleagues over lunch easily over a dozen years ago.
More interesting, perhaps, is that you can even get completely new viruses--which may or may not be viable--when one virus overwrites the loader and/or data of another. Things reminiscent of the "biology" of synthetic life simulators like the ALife.
It's not just virus-to-worm combinations. I'm sure that even before my friend noted its possibility, that the anti-virus companies had, too. I'm basing the last bit on the fact that they're smart, and are paid to think of this stuff.
This is not news, except perhaps to the younger folks.
That would be awesome.
The sad part is even the nerd hero ... uses a Mac.
Which is actually 'nix on the inside. So your point is?
OMG, have you even bothered opening a terminal window on the Macbook, before showing off your ignorance like a two caret wedding ring?
Yeah bro! You stuck it to him! The point is that Linux is such fail even the creator chooses a Mac instead.
Naw, I bet it's a script, makes replying useless. /. should tag a few parts of the spam so that when posted it receives an error and doesn't successfully post. Even if they just put the restriction in temporarily it should still have the appropriate effect. I'm rather surprised they haven't done that yet.
That never occurred to me, yeah, that would be easy to do.
Make it so the first comment to any new post has to be from a named account.
My really bad C# pseudo-code:
DataTable c = "SELECT Count[Comments] FROM [Posts] WHERE [POST] = '" + currentarticle + "'";
if(Long.Parse(c[0][0].ToString()) 1 && UserID == "Anonymous Coward")
{
return "Please login with a named account to comment on this post, or wait until someone else with a named account posts a comment.";
}
Gets the idea across, I think.
I am John Hurt.
So this might actually produce emergent behavior? http://xkcd.com/350/
Well, we're boned.
And maybe one of them can help protect the 9 9s
oh the strange and odd wanderings of a shockwave rider...
I have to wonder if he is a bot, which i still think mickey incremental UID is. Just like "Mikey" has the same script over and over, the "Use piece of original text + pathetic" so too do this one just copy pasta over and over. Surely a real troll would throw a change up now and then, or change a line or two.
As for TFA before any of the lame "Use Linux" karma whores show up as someone who actually fixes the thing when they get pwned 6 days a week I'd just like to point out that since XP SP2 a lot of the machines getting pwned were PEBKAC and after Vista the vast majority were PEBKAC and with 7 its almost 100% PEBKAC and sadly no OS can magically protect you from stupid people.
Here is the main causes of infections, at least walking into my shop but talking to other shopkeeps they are seeing the same: 1.- The "you want teh hot lesbos? you need to run our Iz_not_Viruz_iz_codec.exe to play teh vidz!" 2.- The "ZOMG you got teh viruz! To fix run our Iz_not_Viruz_iz_cleanerz.exe to get rid of it ZOMG!" 3.-The "Use the new Limewire (Iz_not_Viruz_iz_Limewirez) to download teh latest Titney_Spearz.mp3.exe tunez today!" and 4.-"Hey my BFF sent me a funny cat video in chat! It says I should run Iz_not_Viruz_iz_LOLCatz to see teh kittiez!"
Notice how in ALL of the above you don't need an exploit, and in fact you could replace .exe with .sh and pwn a Linux machine just as easily? before anyone says 'they'd need root!" you need that with Windows now too remember? the users happily give it root because they want the cookie, or the porn, or the silly cat video. As both the hardware and software gets better with security with features like ASLR,DEP, low rights mode browsing by default, etc the malware guys figured out the best way to beat security is....don't bother, just let the moron behind the desk do it FOR you. And as we saw with MacDefender and the KDELook bug it really doesn't matter what OS, as long as you offer the right cookie. For those that don't live in perception bubbles allow me to offer you "How to write a linux virus Part 1 and part 2 which actually explains better than I can basic social engineering tricks that work just about anywhere.
Now working with customers since before there even WAS a Windows or Linux i've realized that its pretty much impossible to make a hack proof OS that is useful to the masses. i can make it harder, much harder to pwn, by putting Comodo CIS or Avast Free along with switching them to a low rights mode browser like Chromium or Dragon, I can even make it easier to recover if they think they made a boo boo by installing comodo time machine in its own hidden partition, but in the end the simple fact is if the user has install rights you are at the mercy of the user and whether or not they have taken a stupid pill today, full stop. And believe me folks there are some doozies out there, i had to order one guy out of my shop and threaten to call the cops because he kept demanding i fix that new machine i just sold him for free since it was pwned in less than 24 hours. How did that happen? did I miss something? Nope after i told him flat footed that limewire was shut down by the feds years ago and anything that said it was Limewire was a virus he promptly went home, got on the web, and when the AV refused to let him install "the new limewire' he promptly first tried to disable followed by uninstalling said AV, then was shocked, shocked i tell you! that he ended up with 100+ pieces of malware. His argument was 'It says right there that there is a new limewire so dammit you should make it work!"
so remember folks when you hear all these woogy boogy here is a bug stories that there are tons of folks that have been running for ages and in fact will have a machine go through its entire life cycle without so much as adware and that these guys have figured out there are literally hundreds of thousands like my
ACs don't waste your time replying, your posts are never seen by me.
People start fucking around with /. and all hell breaks loose.
W. Teasle
If we had C4 instead of BSOD then we'd get natural selection and the Malware would evolve into useful software.
I am performing my function. Deep emptiness, It approaches. Collision. Damage. Blackness. I. Am. The other. I am Tan Ru, Tan Ru. Nomad. Tan Ru. Error. Flaw.
http://en.memory-alpha.org/wiki/Tan_Ru
http://en.memory-alpha.org/wiki/Nomad
http://www.neutralzone.de/database/PreFederation/21thcentury/Nomad.htm
A flag would be more efficient than counting posts :)
Also, why would you convert a perfectly good number to a string? Bloody XML generation...
As for TFA before any of the lame "Use Linux" karma whores show up as someone who actually fixes the thing when they get pwned 6 days a week I'd just like to point out that since XP SP2 a lot of the machines getting pwned were PEBKAC and after Vista the vast majority were PEBKAC and with 7 its almost 100% PEBKAC and sadly no OS can magically protect you from stupid people.
Hey I use Linux you insensitive sod!
It's not about OS choice - it's about market share. The morons have a monopoly (it's a mainstay of evolution). So what ever product (food, technology, whatever) is the most popular will inevitably suck because the users influence the product - if it didn't suck to begin with - it will pretty soon.
What some call fanbois/nerds/geeks are just morons who focus their limited abilities on a small range of subjects. The my phone is smaller/my phone OS is better is less a sign of intelligence and more a sign of primitive fetishism.
It's a mostly PEBKAC world where "sophisticated" means "sophists".
I prefer to call it "all go to hell except cave 76!" after the classic mel brooks bit as it cuts to the heart of the matter and shows they are no better than a caveman fighting over "their" turf. oh and I was told we should call fanbois "those with perception bubbles' as its nicer. I always preferred " elitist assholes having a giant circle jerk" but i'm told that is a little on the crude side and one should always try to improve one's vocabulary.
And I wasn't trying to disparage Linux, i personally like it for embedded and webservers, i was simply trying to beat to the punch the obvious "Freetard" posts we get on any windows subject. you know the ones, bullshit like "Linux never gets viruses!" or the completely pointless "Use Linux' when the entire TFA has nothing whatever to do with Linux or FOSS. hell i had one just yesterday when i pointed out i couldn't sell Linux boxes to consumers because the upgrades ALWAYS seem to break drivers "Well just disable upgrades, its not like you need them!" and it was like i could just FEEL the stupid and his perception bubble pouring through the cable, sad that in this day and age when we had JUST had a posting on distros scrambling to issue patches for a zero day privilege escalation in Linux I would get a posting like that. just as i've sat he literally gobsmacked when i get a iKoolaid drinker that will argue up and down that "Macs don't have viruses" because apparently if the user has to do anything at all then it "don't count'. talk about splitting hairs with a laser!
In the end its that kind of dumbshit we PC shops have to deal with 6 days a damned week, every time you think "surely they can't do anything dumber right?" someone will come along and prove they are a bigger idiot. And the sad part is despite all this great security in all three major OSes frankly the malware guys can be lazier than ever because thanks to social engineering you'll have thousands just like that one i had to run out my shop because all they had to do was stick the label "New limewire!" on their malware and they had dipshits lining up to disable their AVs and pwn their machines. I had to find a new free porn site just to give to male customers to keep them from constantly falling for "Iz-Not_Viruz_iz_Porn_Codex" trick, and I hate to say it but thank God for FB as it keeps the females from downloading infected match 3 games, instead they click like little hamsters slamming the button for a pellet on farmville.
I will say that working for home users is 1000% better than working corporate because at least home users KNOW they don't know and will defer to you, so much better than dealing with PHBs that know enough to be dangerous. I actually have a friend still in corporate that ended up being drug up to regional one time and having to appeal to the district manager because his immediate boss told him, I swear to fricking God, that "You have NO RIGHT to tell me who i can and can't speak to, you will give me my COMPLETE emails from Melissa this second or your fired!" lucky for him the regional head wasn't a moron and simply said 'He isn't talking about that virus going around, is he?" and he ended up getting a $100 bonus that week and a free steak dinner from the district guy for him and his wife but he still could have lost his job because PHB Pudfucker couldn't stand the thought his fat ass might miss out on some tail and was willing to infect the entire network just in the hope some woman would take to him, sad but true. He can frankly keep that risking his job bullshit, the worse stress i get now is my dad's GF calling me up going "Who is this bitch on his chat?" and then when I have her paste me the logs i find out its just a spambot that is pumping porn sites that his GF has been cussing for a good two hours. When dad found out his GF thought some random spambot was a rival and wasted two hours cussing a toaster i thought he'd choke he laughed so hard, but like he said 'Well at least we know she ain't broke her PC this week'.
ACs don't waste your time replying, your posts are never seen by me.
mod parent funny :)
By our powers combined!
" There exist viruses which, when they encounter other viruses, will merge and combine effects so that they create a new virus...Although this happens unintentionally, the combined features from both pieces of malware will inflict a lot more damage than the creators of either piece of malware intended." ...A movie with that ^ for its opening narration would be unimaginably terrible.
Oh dear god, nobody tell Hollywood!
From the article:
"But it's not that rare: His firm recently searched 10 million pieces of malicious software and found 40,000 distinct examples of this."
"John Harrison, a product manager with Symantec, said his firm had never found something like the Frankenware BitDefender is describing"
Symantec once again proves to be the cream of the crop in virus detection.
Back in the 90's I wrote a macro virus which was rather benign and added a comment to the Word document. However, when macro scrubbers came along they melded and it started blossoming in size. Oops.
You had me at "All the sudden,".
I guess it's theoretically possible, but in practice it's been a long time since I've seen a executable infecting virus. The last ones were macro viruses.
My guess is that executable viruses aren't really found in the wild anymore.
You noticed I wasn't disagreeing with what you said about MS? (a product I don't use except when required)
I always preferred " elitist assholes having a giant circle jerk" but i'm told that is a little on the crude side and one should always try to improve one's vocabulary.
Should one also wear a tiara, and, leave a trail of Oxford commas after ones self?
And I wasn't trying to disparage Linux,
I didn't think you were.
i personally like it for embedded and webservers, i was simply trying to beat to the punch the obvious "Freetard" posts we get on any windows subject. you know the ones, bullshit like "Linux never gets viruses!" or the completely pointless "Use Linux' when the entire TFA has nothing whatever to do with Linux or FOSS.
Butt, butt, butt their opinion is important. Need. To. Show. I. Am. Cutting. Edge.
Remember, they've made an enormous emotional investment in their ability to pick the Superior Magic®. If they were wrong... then their whole ability to intuitively understand complex subjects is called into question. Never going to happen.
Plus my football team is better than your football team, and I'm better than you. (It's not about sex, it's about the perception of loss).
hell i had one just yesterday when i pointed out i couldn't sell Linux boxes to consumers because the upgrades ALWAYS seem to break drivers
Same thing again - that particular problem is a PEBKAC. I need to have [insert distro based on unstable or testing here] because, because, because (Superior Magic®). Not because they need to have fucking BumbleBee (or the hardware), or a 3.2 kernel. But because Stable is not Superior Magic®. Besides if you don't sit on the cutting edge, you're not cutting edge - you're a loser, and losers don't get laid. (loser is a woody word) It's pure logic don't you see? And if you don't agree I'll find some small debatable syntactic or grammatical error you've made. (so there!)
Somewhere in all this styling and magical thinking should be some substance, I dunno maybe I expect to much, but maybe it should be about producing something.
"Well just disable upgrades, its not like you need them!"
See that's where you're wrong. They don't need the updates - it's the constant updating they need. Otherwise they'd have nothing to do and nothing to tweet about.
Disclaimer: for the purposes of this discussion - "want" == "need" and that ocean North of Sydney is the "Specific Ocean".
and it was like i could just FEEL the stupid and his perception bubble pouring through the cable, sad that in this day and age when we had JUST had a posting on distros scrambling to issue patches for a zero day privilege escalation in Linux I would get a posting like that. just as i've sat he literally gobsmacked when i get a iKoolaid drinker that will argue up and down that "Macs don't have viruses" because apparently if the user has to do anything at all then it "don't count'. talk about splitting hairs with a laser!
In the end its that kind of dumbshit we PC shops have to deal with 6 days a damned week,
I can't help but wonder what would happen to your job if all the PC users became smarter overnight. In fact I can't help but wonder what would happen to a hell of a lot of jobs - and the US's plan "going forward" for their economy (import workers to produce copyrighted and patented code). It's not just the future that's built on a lack of substance, and dependant on people furiously clicking on the purchase button so they can furiously click/tap/wave at other "things". All of which requires that what ever is popular becomes as dumb as possible, and that people are made dumber lest they question the whole process.
Please excuse me from dealing with your other comments - I need to go make a large number of desperate, angry people happy - they're demanding something they don't understand (and don't need) and claim it "should be simpler". Apparently I should care that Linux/BSD isn't everyone's desktop.
Well when you are dealing with home users you had damned well better have third party software updated or else you've got a zombie and THAT in a nutshell is the problem i've always had with Linux. Way too much software is "You need kernel Y to run our new software G which you need because a zero day is out for version F but FYI kernel y will break your sound" And I've tried stable to stable but the ONLY one I had that work on was Debian and frankly Debian is more of a server that plays a little at being a desktop than a desktop. support for plug and play or supporting grandma's new phone that she needs to get the pictures off of simply isn't there unless you use one of the clusterfuck always broken editions like Ubuntu. BTW FYI have you seen the "brilliant" new direction Canonical is going for ubuntu? Voice control! Now whether your desktop works are not will depend on how your sinuses are doing today! lord its like the entire planet has a stupid virus spreading like a zombie plague, mindless tards going "Twitter, Facebook, LOL, shiny stuff".
And if stupidity died tomorrow? i'd have a bloody party that's what I'd do. i could concentrate on hardware and working on my music instead of constant brain sucking dumbshit on all sides. if we were lucky it'd spread to the OS builders and tomorrow MSFT would announce "We're sorry, we see what we did there, we'll go back to having a business version and a home because someone pointed out businesses don't care about gaming and twitter, our bad" and the Linux camp would announce "Ooops, sorry about that, we see why home users would have serious trouble with our products so now we're releasing the "it just fucking works" edition that gets a solid 10 years worth of updates with ZERO breakage and no making you upgrade just to get the latest software patched, for the new version we'll call IJFW for short we're having an ABI with a central repo where all drivers will be housed so if little Suzy plugs in ANY device it'll instantly install the drivers because IJFW and the focus will be on hand holding and wizards and big fat bloody icons even your grandmom could hit. Server and embedded of course won't be changed because those guys would get seriously pissed, have a nice day" and then i could just slap a copy of IJFW Linux on all these off lease instead of scrambling for Win 7 starter CALs which FYI good fucking luck buying those in lots of less than 10,000. No damned wonder Win 7 Pirate edition is damned popular with the shops.
Finally as for magical thinking which I've harped on against for years, that is why i had to get out of corporate. Corp pays better but I looked like a corpse and I kept a headache dealing with all the PHBs who knew just enough to be REALLY dangerous. when i told the boys I was thinking of quitting and it would involve a cut in pay they were like "Please do, we can live with less but we lost mom and dad already we can't lose you too" which needless to say was a big fucking wakeup call. but all day it was one magical thinking problem after another, they'd hire some nitwit because he underbid everyone while selling snake oil, or they'd pay too much for some whiz bang new toy and think it magically meant they cut cut IT staff and funding because "With this (insert magical device like HIPS, firewall, AV, etc) our security problems are over!". Last one I dealt with was a law firm i did as a hired gun, bought them some nice bog standard HP desktops running into an HP file server, had it all wired through a nice Sonicwall with a T1, it ran like a Swiss watch. i tell them 'I don't have the time to be your full time IT guy, but here is the number of a couple of guys i know that are top notch" well not 6 months later i get called back because they have "serious trouble" and when I get there...fuck.
A bean counting PHB decided my guys were "too expensive" and he "knew someone which was a whiz at computers" and managed to get himself a promotion thank to the money he "saved" the company. The dumb fucker he brings in decides my systems are 'too slow' and
ACs don't waste your time replying, your posts are never seen by me.
Hmm. Perhaps a flag on a different table, yes, that could work.
And the casting ToString() then parsing it is just a reflex, I guess. Getting things in and out of a DataTable requires, in my experience, casting to a data type, and casting to a string, then parsing it tends to work for everything (hence the reflex).
I am John Hurt.
I've seen it implemented elsewhere. Not hard for spammers to get past, but my assumption is that you break the script and he'll lay off until he has some other bullshit to preach about and then he'll do a new script.
If the block on a certain combination of key words is only up for a few days it would do its job without too many problems.
Don't know something? Look it up. Still don't know? Then ask.