Storm Worm retaliates against security researchers

New features of botnets created by the infamous Storm Worm allow denial of service attacks to be launched against security defenders that attempt to interrupt its operation. Attempts to probe command-and-control servers can result in a withering counter-attack of malicious traffic that can swamp the internet connections of …


  1. Brian Miller

    Probe using a cell-phone connection

    Cell phone broadband connections are notorious for dumping connections. Sometimes the connection is good for a day, sometimes it's good for a few minutes. Each time the connection is reset, the machine gets a new IP address, and it's over a very wide range. So as the worm is probed, the researcher can dump his cell broadband connection, and then resume probing with a new IP.

  2. The Other Steve

    Knows ? Evolving ?

    Utter shite. However sophisticated the storm worm code might be, it is just that, code.

    It is not aware, it does not 'know'.

    It does not 'evolve', it is changed by programmers.

    Hysterical hyperbole, pure and simple.

  3. Tom


    That just depends on your definition. If you include the person (or more likely people) controlling the entity in your definition, then it's fair to say it has knowledge. I'd say evolving is the wrong term, though. It's more likely just adapting without any part of it being analogous to genomic information transfer.

  4. DMJ

  5. Anonymous Coward
    it knows when you are sleeping

    it knows if you are bad or good so be good for goodness sake. So the fuck what, you almost assume it can do nasty things that's its business if you can't spoof a program of this kind turn in your ID and hit the parking lot loser.

  6. Gordon Fecyk

    Security Companies to Users: "We're Doomed!!!!!!1111" But buy our stuff until then...

    Didn't Messagelabs say their company was doomed back in September 2001? I seem to recall they claimed...

    "one in ten emails transmitted via the Internet would contain a virus by 2007/8, and as many as one in two by 2013. And these are just average figures — when 'peak' rates are taken into account, with a new virus released, the ratio will become much worse."

    What could be much worse than one in two? Why, one in one, of course! By 2013, EVERY e-mail will contain a virus!

    So now we have security pundits saying the "Storm Worm" is so evil that it is taking down security companies. That doesn't give me much faith that they could protect my network, if they can't even protect their own networks.


  7. Adrian Esdaile
    Nice PC you've got here...

    ...lots of data on it. Mmmm, nice pr0n collection, coupla gigs of MP3s and MPGs, and we see you've been playing Halflife2 as well. Ohhh, is that your doctoral thesis in that folder? How's it coming along, hmmm?

    Be a SHAME if anything HAPPENED to it, huh?

    Reaaal shaaaame, if, say, perchance, a VIRUS destroyed yer disk, eh, BUDDY?

    Maybe you'd like some, er, PROTECTION? You know, from all those NASTY viruses, like, um, this STORM worm we've been, aaahhhhh, RESEARCHING?

    Is it just me, or is that really the business model of AV companies?

  8. Minh Hu
    Rumor: Russia purge all Windows computers as virus fears grow

    "These reports further state that both Russian and Chinese Military Authorities have ordered an 'immediate' end to use of all computing systems utilizing the Windows operating system for fear of their being infected with this devastating new virus."


  9. Steve Roper

    No one raindrop believes it is responsible for the flood

    Actually, if the AV companies are smart, they can turn this to their advantage. Such a DDoS attack gives them a list of IP addresses of computers infected with the Storm worm - the addresses of all the stupid idiots who click on every email with no regard to their own security or anyone else's.

    What to do? Hire some white hats to break into the botnets - Storm is a big security hole, so if the botnet herders can remote admin someone's computer, so can the white hats. What they can then do is issue a command to the Storm-infected computers to format their C: drives en masse.

    This will nail all those negative-IQ wankers who click on these "Hi Friend" scam emails and get infected. Not only will a clean format remove the Storm worm from the infected system, once these luser idiots start finding their harddrives getting formatted as a result of clicking on a sketchy email, they'll be a bit more careful where they put their mouse pointers in future!

    Education by pain and loss resulting from a mistake - that's how to make these stoopids learn.

  10. Anonymous Coward
    I sadly fear that it is simply unreasonable to expect that any form of education is possible for many of these people. Indeed, that they ever had intelligence enough to breathe is surprising, let alone having the intelligence to learn that "if you don't know the sender, don't open it!".

    Such stupidity is widespread - how else do you explain the continued existence of windoze (no apologies to the fucktards who think it is an insult to their intelligence to call windoze anything but their preferred name - IDIOT! If you run windoze then it is clear - YOU HAVE NO INTELLIGENCE!), or either of mickey$loths top virus importing programs - outhouse and IE. If intelligence ruled the average life, none of these would be around to torment the rest of us.

    Another area of dumbness - my neighbours have a direct link into my servers, giving them free internet. They use my email server as well.. Their wonderful, intelligent, helpful adult son, who is really good with computers, knows that ALL smtp servers have "smtp.domain" as their url, just like all pop3 servers have "pop3.domain" and so on. So intelligent that it never occurred to him that some of us just use "domain", and if his parents' email system was working fine like that, then probably he shouldn't be changing it, then complaining about the system no longer working.. The same intelligent one also was responsible for a shitload of virii and other crapware ending up on his parents' machine.

    His parents are now happy users of Ubuntu, their system has not had a problem since the day it was installed.

    I think that maybe the best idea would be, rather than just formatting their drives, switching them to something that looks like windoze but actually has something decent under the hood - something with some semblance of security.. Linux, OSX, BSD, some other *nix.

    Educating them won't work, because if they use IE or outhouse then they're beyond help. But making it so they can't get infected, well, that's another matter.

    Hmm.. Another possibility just sprang to mind.. Plant subliminal messages that tell them to take their computer to their nearest LUG (is the Apple equiv a "MUG"? :) ) and donate them, take it to their nearest charity.. Something like that might be good..

    Oh, my neighbour's son is really pissed off coz there's no way in hell he is getting the password to that machine.

    (Sorry - tired and "mildly annoyed" at having spent much of my friday night cleaning up yet another retard's fucked over crapware and malware infested windoze - surely we should be allowed to shove the mains lead up their arse and give them a shockingly harsh education in why "don't use that trash!" is NOT a request!)

  11. Steve Roper

    Re: Educate?

    >Sorry - tired and "mildly annoyed" at having spent much of my friday night cleaning up yet another retard's fucked over crapware and malware infested windoze - surely we should be allowed to shove the mains lead up their arse and give them a shockingly harsh education in why "don't use that trash!" is NOT a request!<

    I know exactly how that feels, mate! After a few repeated repair sessions for family members, I warned them about spyware and malware. The warnings were ignored, the likes of Limewire and Bearshare kept getting reinstalled and used, and joke emails kept getting clicked on... and the fortnightly phone calls continued. So I pulled the plug - no more free computer maintenance. Even for family.

    So then she had to pay a tech to come out at $100 an hour to fix it. Guess what? After my relative copped the first huge repair bill, Limewire and Bearshare were banned from their computer, the kids were told that if they opened any email attachments they'd be banned from the computer, and there's been no problems since. Now I've gone back to defragging their hard drive and doing a cleanup every few months, on the understanding that if I see email-based viruses, spyware or non-torrent fileshare programs on their system, they can go right back to paying a tech to fix it. Now they know I damn well mean it, problem solved.

    So for all you guys doing free maintenance for family and friends, if they don't act on your warnings, don't fix their machines! It's hard, and you cop a lot of flak and get called a bastard, but once their wallets have seen first-hand what your time is worth they appreciate it that much more.

