EditorsAbout the SiteComes vs. MicrosoftUsing This Web SiteSite ArchivesCredibility IndexOOXMLOpenDocumentPatentsNovellNews DigestSite NewsRSS

01.18.09

Microsoft Botnets: The Chaos Continues

Posted in Microsoft, Security, Windows at 6:50 pm by Dr. Roy Schestowitz

Zombie
Fear not the Windows zombies

There are many ways to “Suck at Information Security”, but one easy way is to choose a platform that leads to entire military bases getting cracked.

The British military is one of the very few which choose this tactless route even for nuclear submarines and it costs it dearly.

Virus ‘sends RAF e-mails to Russia’

THE Ministry of Defence is investigating a major breach in security amid claims that all e-mail traffic from a number of RAF stations has been sent to a Russian internet server.

The e-mails were allegedly diverted to the Russian sender by a worm virus that entered the MoD systems 12 days ago bringing down computers and blocking e-mail communications across the military.

The world is already filled with about 320 million Windows PCs that are zombies, so what’s another massive botnet anyway?

New Botnets Replace Vanquished Pests

Although the shutdown of a California Web hosting company eradicated several prominent botnets last year, others have stepped up to fill the gaps, a security researcher says.

Gone from the landscape, said Joe Stewart, director of research at Atlanta-based SecureWorks Inc., are “Srizbi” and “Storm,” the botnets Stewart ranked as No. 1 and No. 5, respectively, in an April 2008 botnet census.

How can anyone combat Windows worms that appear all the time in new forms?

A variant of a malicious worm that targeted Microsoft Windows now is spreading via USB sticks, researchers say.

Security company BitDefender Labs, based in Bucharest, Romania, detected the Windows worm variant in late December. The original worm known as Win32.Worm.Downadup, first made its appearance in late November, exploiting a Microsoft vulnerability in the Windows RPC Server Service. Since then, it has rapidly spread across numerous corporate networks with the aim of distributing malicious software on susceptible computers.

Even an Instant Messaging (IM) program is no longer safe because Microsoft turned simple communication protocols into something that can invoke unknown executables.

Internet MSN users are warned. Some programme writers are now using IM to spread malicious programs such as viruses and worms. These viruses can spread when a person opens an infected file, such as pictures of pornographic nature, that is sent through IM by someone who appears to be a contact.

Why is a program for exchange of text leading to the running of untrusted code? This is an architectural deficiency that would prove costly. Outlook and ActiveX are almost perfect examples and they requires no social engineering to lead to a raft of menaces.

“Our products just aren’t engineered for security.”

Brian Valentine, Microsoft executive

Share this post: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Reddit
  • co.mments
  • DZone
  • email
  • Google Bookmarks
  • LinkedIn
  • NewsVine
  • Print
  • Technorati
  • TwitThis
  • Facebook

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one

3 Comments

  1. Needs Sunlight said,

    January 19, 2009 at 9:15 am

    Gravatar

    The recurrence of MSN worms ought to be a warning that it’s past time to switch IM protocols and networks, for those still in the stoneage.

    MSN, live.com, and any other worm site ought to be blocked at the firewall. Same for ports used by MS Messenger.

    XMPP and Jabber are the next-generation chat/messenging protocols. Use them or lose out.

  2. The Mad Hatter said,

    January 19, 2009 at 9:09 pm

    Gravatar

    And of course whenever a worm/virus/security hole is mentioned in the news, they never mention that it’s a Microsoft only problem, and if you point this out to the news media, they don’t take any action. The fact that Microsoft is often one of their major advertisers has nothing to do with this of course.

  3. Roy Schestowitz said,

    January 19, 2009 at 10:07 pm

    Gravatar

    Here’s an E-mail that I received this morning (for sharing):


    Hi, Roy,

    Here’s an example of pro-MSFT spin on headlines. All it takes is one
    bad member on the editorial team and an entire publication can be
    compromised, like here:

    http://www.cnn.com/2009/TECH/ptech/01/16/virus.downadup/index.html?eref=rss_tech” title=”Downadup virus exposes millions of PCs to hijack

    The title is “Downadup virus exposes millions of PCs to hijack”. If we
    stick with the standard usage of the verb “expose” then the correct
    title is “Windows exposes millions of PCs to hijack”


    Had it been a Linux worm, there would probably be a different headline, no? The mythology of Microsoft is that “all computers” are not secure and “Windows is the standard”.

What Else is New


  1. Short Report From Today's EPO Protest in Munich

    A few noteworthy points about the staff protest which coincided with the Administrative Council's meeting earlier today in Munich



  2. Growing Consensus Even Among Patent Professionals That UPC is Dying Everywhere If Not Just in the UK

    The UPC continues to sink as more and more people come to grips with the complexity of the current situation, irrespective of what countries other than the UK do next



  3. Battistelli Attacks Not Only His Staff But Also Patents Themselves (Their Quality) and the Legal Legitimacy Surrounding the EPO

    Battistelli's EPO is having not only reputation problems but also staff retention problems, patent quality problems and problems pertaining to perception of fair trials or justice regarding patents



  4. Battistelli is Creating an Atmosphere of Terror at the EPO While Exploiting Terror Attacks to Garner Sympathy

    "As if Laurent were a terrorist, the Office has imposed a house arrest and has forbidden him to enter the EPO premises," according to SUEPO, writing about one of its members at The Hague who is "maliciously accused via a fabricated procedure"



  5. Rumours That EPO President Battistelli Got Sacked to be Replaced by Christoph Ernst Appear to be Baseless

    Dr. Christoph Ernst is claimed to be the successor (interim or permanent) of the notorious Battistelli, but these claims have little or no evidence to support them



  6. Links 29/6/2016: SteamOS 2.83 Beta, Alpine Linux 3.4.1

    Links for the day



  7. The EPO Has Become Battistelli's Circus and the Administrative Council Has Been Reduced to (Illegal) Circus Animals Controlled With 'Treats'

    Battistelli's attack on justice and on the rule of law is debated among insiders who have grown increasingly impatient with the Administrative Council's tolerance of Battistelli and sometimes even Kongstad's amazing complicity



  8. The Latest Lies About the Unitary Patent (UPC) Would Have Us Believe That It's Alive and Well

    How patents-centric sites (some of which are in bed with the EPO) have responded to the 'Brexit' vote and why they're not telling us the truth about the Unitary Patent scam (often created and promoted by the same people who run and/or fund such sites)



  9. EPO Management Bunker: “The Bailiff Who Came to Deliver the Subpoena was Escorted off the Property by Five Security Guards.”

    Battistelli has essentially turned the European Patent Office (EPO) into a barracks, where he continues to enjoy immunity from the rule of law and discourages those who wish to challenge this immunity



  10. Keeping the Guard and Securing Society From Software Patents

    The policies over which Indians and Europeans have kept guard are being 'stolen' by vested interests



  11. Benoît Battistelli Further Weaponises His EPO 'Stasi' With CA/52/16

    A glimpse at what Benoît Battistelli will shortly attempt to do to the EPO, in order to cement his power in the face of growing opposition from many directions



  12. EPO Caricature: Administrative Council Control of Benoît Battistelli

    Another new caricature regarding the President of the European Patent Office (EPO) and lack of effective oversight from the Administrative Council (European Patent Organisation)



  13. EPO Caricature: Firing Benoît Battistelli

    The latest caricature regarding the President of the European Patent Office (EPO)



  14. Links 28/6/2016: Red Hat Summit 2016, Hadoop Events

    Links for the day



  15. Today's Media Coverage Says Microsoft Loves Linux, But Today Microsoft Extorted Linux Using Software Patents Again

    Luna Mobile has just been extorted by Microsoft (using dubious software patents, as usual) for using Android/Linux, but Microsoft-influenced media carries on spreading the lie that "Microsoft loves Linux"



  16. New Efforts to Work Around Barriers to UPC in Light of 'Brexit'; Behind These Efforts Are Self-Serving Patent Profiteers

    look at who's trying to work around the latest barriers to the widely-unwanted (by the public) Unitary Patent regime and what is being planned behind the scenes, or behind closed doors (by and for those who stand to profit from the Unitary Patent regime)



  17. Injunction Against Battistelli's Investigative Unit (Known Internally as 'Gestapo') Amid Serious Injustices and Bogus 'Trials'

    SUEPO, the EPO's staff union, steps up its spiel in a case against the "European Patent Organization" as defendant and "SUEPO/VEOB" (Trade Union of the European Patent Office) as claimants



  18. [ES] Con la UPC Muerta por el Resto del Termino de Battistelli, No Hay Razón para que la EPO o el Consejo Administrativo Sigan Manteniéndolo Más

    Pensamientos acerca de lo que pasará al líderazgo de la EPO después de ‘Brexit’ (salida Británica de la EU), lo que sevéramente socava el proyecto más grande de Battistelli el que usaba habituálmente para justificar sus increíbles abusos



  19. [ES] El Caradura Benoît Battistelli Debería Renunciar a Luz de la Filtrada Nueva Decisión en Su Vendeta en Contra de un Juez que se Atrevió a Decir la Verdad (Actualizado)

    Benoît Battistelli continúa quebrando las propias reglas de la EPO, no sólo las leyes naciónales, como una nueva decisión ayuda a revelar



  20. [ES] Cada Vez Más Parece Que Battistelli está Escondiéndo ‘Evidencia’ Falsa y/o Ilegalmente Obtenda de la Unidad Investigativa de la EPO

    El porqué creemos que Benoît Battistelli está cada vez mas desesperado de esconder operaciónes ilícitas de reunir ´evidencia´ lo que eventuálment lo puso a él mismo — no al acusado — en una situación catastrófica situacion que lo puede forzar (esperamos) a us renuncia



  21. Links 28/6/2016: Vista 10 Updategate, OpenMandriva 3.0 Beta 2

    Links for the day



  22. Links 27/6/2016: Linux 4.7 RC 5, OpenMandriva Lx 3.0 Beta 2

    Links for the day



  23. From Alleged Organised Crime to Vice-President of the European Patent Office (EPO)

    Željko Topić's situation in Croatia illuminated by means of recent documents from the authorities



  24. Battistelli May Still be on the Way Out as Pressure Grows in Germany, UPC in Shambles

    Pressure on Battistelli is growing even from within circles that are traditionally protective of him and a long letter is sent to Dr. Christoph Ernst, who some believe will replace Battistelli



  25. Caricature: European Patent Office (EPO) Under Battistelli

    The latest caricature about the state of the European Patent Office (EPO)



  26. Techrights (Almost) at 10: From Software Patents to Novell and to Present Focus on EPO

    A short story about how and why we ended up writing so much about the European Patent Office (EPO) and the impact beyond Europe



  27. Patents Roundup: Bad Quality (USPTO), Bad Analysis (India), Bad Microsoft, Bad Actors (Trolls), Bad Scope (Software Patents), and the Ugly

    A mishmash of news about patents, mostly regarding the United States, and what can be deduced at the moment



  28. Links 26/6/2016: IceCat 38.8.0, Wine 1.9.13

    Links for the day



  29. With UPC Dead for Battistelli's Entire Remaining Term, No Reason for the EPO or the Administrative Council to Keep Battistelli Around

    Thoughts about what happens to the EPO's leadership after 'Brexit' (British exit from the EU), which severely undermines Battistelli's biggest project that he habitually used to justify his incredible abuses



  30. Links 24/6/2016: Xen Project 4.7, Cinnamon 3.0.6

    Links for the day


CoPilotCo

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

CoPilotCo

Recent Posts