Bonum Certa Men Certa

New Flaw in Windows Facilitates More DDOS Attacks

Stachledraht DDOS attack



Summary: Shoddy Microsoft software continues to provide opportunities for disgruntled people to attack and take down servers they dislike

ANY Windows botnet which is enabled by "Zeus" (Zeus is known to be a cause of DDOS attacks) is already taking advantage of Microsoft's latest severe flaw which affects even fully patched Windows:

Miscreants behind the Zeus cybercrime toolkit and other strains of malware have begun taking advantage of an unpatched shortcut handling flaws in Windows. It was first used by a sophisticated worm to target SCADA-based industrial control and power plant systems.


No patch is available yet:

Security researchers have found more malware exploiting an unpatched Windows vulnerability via .LNK shortcut files.

According to Sophos blog July 23, two other pieces of malware have been observed targeting the bug. One is a keylogging Trojan the company is calling Chymin-A that is "designed to steal information from infected computers." The other is Dulkis-A, a "worm written in obfuscated Visual Basic" that contains several subcomponents.


More here:

Slovakian security firm Eset reports the appearance of two malware strains that exploit security vulnerabilities in the way Windows handles .lnk (shortcut) files, first used by Stuxnet to swipe information from Windows-based SCADA systems from Siemens.


We covered those SCADA incidents earlier today. This has a serious impact on the world's energy, not to mention those BP BSODs which we've already covered in [1, 2, 3].

The damage costs a lot of money and time (which can be equated to money) and the security world is "ill-equipped to solve digital whodunnits," reports The Register.

“A lot of those efforts are very unqualified and pedestrian,” said Parker, who is director of security consulting services at Washington, DC-based Securicon. “There's really not any science behind the efforts that many people have been making recently that have resulted in stories like China is attacking us, Russia is attacking us, Korea is attacking us.”


It is really hard to know where DDOS attacks come from these days. People don't control their Windows PCs, which can be hijacked and chained back to some botmasters whose interests are not known.

Georgia has an unfortunate DDOS story to tell about its national infrastructure; after years of investigation it is still not perfectly clear if the Russian government had something to do with it or not. One youngster claims responsibility, but can he be believed? It can be hard to verify. And if one youngster can paralyse an entire nation, what does that teach us about those Windows zombies he used?

Recent Techrights' Posts

[Meme] 9AM Meeting at Brett Wilson LLP
Brett Wilson LLP in space
 
Free Software Foundation Reaches 75% of Funding Goal
Not bad for this "Fosschild"
Slopwatch: 7 New Examples of Fake 'Linux' Slop Pieces (Plagiarism With Misinformation)
Serial Sloppers need to be shunned
Links 19/07/2025: Kapo-berg Settles, Software Patents Challenged
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, July 18, 2025
IRC logs for Friday, July 18, 2025
Links 18/07/2025: Peace With PKK and Connie Francis Dies
Links for the day
Gemini Links 18/07/2025: Alhena 5.1.8 and Bornhack 2025
Links for the day
How to Top Up a "Limited Liability" With Even More Limitations (Dodging Accountability in the UK)
Some people call it a "shell game". Sometimes it's done for tax evasion purposes.
Free Software Foundation, Inc. (FSF) Inches Towards 75% of Fund-Raising Target
Will the cutoff date be extended again?
Gemini Space (or Geminispace) Grows, But Usage of Certificate Authority Let's Encrypt Drops Further
Ideally, all Gemini capsules should use self-signed certificates
Links 18/07/2025: More Microsoft Layoffs in Activision, The New Stack (Sponsored by Microsoft) Complains About Openwashing
Links for the day
Gemini Links 18/07/2025: OCC25 Gnus for Reading Usenet and RSS Feeds, Small Web Updates
Links for the day
Listing as Staff People Who Left the Company More Than Six Years Earlier
There are apparently no laws against that
Brian Fagioli Shovels Up LLM Slop (Plagiarism) Onto Slashdot, Then Uses Slashdot for Affirmation or as Badge of Honour
Notice how some of his latest slop is presented ("as featured on Slashdot")
Social Control Media Productivity
Snapping photos of the bone
The Law Firm SLAPPing Us For the Microsofters Lost 72% of Its Tangible Assets in the Past Year, According to Its Own Reports
That might help explain why they're willing to tolerate serial stranglers from Microsoft as clients
Slopwatch: LinuxSecurity.com Slopfarm and Slopfarms Propped Up by Google News
"As LLM slop is foisted onto the WWW in place of knowledge and real content, it now gets ingested and processed by other LLMs, creating a sort of ouroboros of crap."
Links 18/07/2025: Weather Events and Health Hazards
Links for the day
Microsoft's All-Time Low in Finland
Microsoft is in a freefall
Security: Shane Wegner & Debian statement of incompetence
Reprinted with permission from Daniel Pocock
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, July 17, 2025
IRC logs for Thursday, July 17, 2025
Gemini Links 17/07/2025: "Goodreads for Gemini" and Defence of "The Small Web"
Links for the day
Links 17/07/2025: Anger and Morale Issues at Microsoft, Wars and Conflicts Get Digital
Links for the day
CALEA / CALEA2 is the Real Problem, Not Chinese Operatives Exploiting CALEA / CALEA2 (as Any Other Nation Can)
CALEA / CALEA2 is more of a front door than a back door
99.99% Uptime in First Half of 2025
Since January there was only one noticeable outage
Nils Torvalds and Anna "Mikke" Torvalds (née Törnqvis) Hopefully Use GNU/Linux by Now
"Torvalds Family Uses Windows, Not Linus’ Linux"
Attack of the Slopfarms
FUD-amplifying bots with slop images, slop text (LLM slop)
When People Call a Best/Close Friend of Bill Gates a "Serial Rapist"
Good thing that the Linux Foundation keeps the "Linux" trademark ("Linux Mark") clean
Not My Problem, I Don't Care
Context/inspiration: Martin Niemöller
Honest Journalism About the European Patent Office Ceased to Exist After SLAPPs and Bribes to the Media
The EPO is basically a Mafia
Microsoft Bankruptcy in Russia, Shutdown in Pakistan, What Next?
It seems possible that in 2025 alone Microsoft will have laid off over 50,000 workers
Life Became Simpler When I Stopped Driving and I Don't Miss Driving When I See "Modern" Cars
Gee, wonder why car sales have plummeted...
Why I Believe Brett Wilson LLP and Its Microsoft Clients Are All Toast
So far our legal strategy has worked perfectly
EPO Jobs Are Very Toxic and Bad for One's Health
Health first, not monopolies
Response to Ryo Suwito Regarding the Four Freedoms
the point of life isn't to make more money
Microsoft's Morale Circling Down the Drain
Or gutter, toilet etc.
What Matters More Than "Market Share"
The goal is freedom, not "market share"
Tech Used to be Fun. To Many of Us It's Still Fun.
You can just watch it from afar and make fun of it all
Links 17/07/2025: "Blog Identity Crisis" and Openwashing by Nvidia
Links for the day
Greffiers and the US Attorney of the Serial Strangler From Microsoft
The lawsuit can help expose extensive corruption in the American court system as well
Credit Suisse collapse obfuscated Parreaux, Thiébaud & Partners scandal
Reprinted with permission from Daniel Pocock
The People Who Promoted systemd in Debian Also Promote Wayland
This is not politics
UK Media Under Threat: Cannot Report on Data Breach, Cannot Report on Microsoft Staff Strangling Women
The story of super injunction (in the British media this week, years late)
Victims of the Serial Strangler From Microsoft, Alex Balabhadra Graveley, Wanted to Sue Him But Lacked the Funds (He Attacked Their Finances)
Having spoken to victims of the Serial Strangler From Microsoft
Links 17/07/2025: Science, Hardware, and Censorship
Links for the day
Gemini Links 17/07/2025: Staying in the "Small Web" and Back on ICQ
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, July 16, 2025
IRC logs for Wednesday, July 16, 2025