New Flaw in Windows Facilitates More DDOS Attacks

Dr. Roy Schestowitz

2010-07-27 22:03:18 UTC
Modified: 2010-07-27 22:03:18 UTC

Summary: Shoddy Microsoft software continues to provide opportunities for disgruntled people to attack and take down servers they dislike

ANY Windows botnet which is enabled by "Zeus" (Zeus is known to be a cause of DDOS attacks) is already taking advantage of Microsoft's latest severe flaw which affects even fully patched Windows:

Miscreants behind the Zeus cybercrime toolkit and other strains of malware have begun taking advantage of an unpatched shortcut handling flaws in Windows. It was first used by a sophisticated worm to target SCADA-based industrial control and power plant systems.

No patch is available yet:

Security researchers have found more malware exploiting an unpatched Windows vulnerability via .LNK shortcut files.

According to Sophos blog July 23, two other pieces of malware have been observed targeting the bug. One is a keylogging Trojan the company is calling Chymin-A that is "designed to steal information from infected computers." The other is Dulkis-A, a "worm written in obfuscated Visual Basic" that contains several subcomponents.

More here:

Slovakian security firm Eset reports the appearance of two malware strains that exploit security vulnerabilities in the way Windows handles .lnk (shortcut) files, first used by Stuxnet to swipe information from Windows-based SCADA systems from Siemens.

We covered those SCADA incidents earlier today. This has a serious impact on the world's energy, not to mention those BP BSODs which we've already covered in [1, 2, 3].

The damage costs a lot of money and time (which can be equated to money) and the security world is "ill-equipped to solve digital whodunnits," reports The Register.

“A lot of those efforts are very unqualified and pedestrian,” said Parker, who is director of security consulting services at Washington, DC-based Securicon. “There's really not any science behind the efforts that many people have been making recently that have resulted in stories like China is attacking us, Russia is attacking us, Korea is attacking us.”

It is really hard to know where DDOS attacks come from these days. People don't control their Windows PCs, which can be hijacked and chained back to some botmasters whose interests are not known.

Georgia has an unfortunate DDOS story to tell about its national infrastructure; after years of investigation it is still not perfectly clear if the Russian government had something to do with it or not. One youngster claims responsibility, but can he be believed? It can be hard to verify. And if one youngster can paralyse an entire nation, what does that teach us about those Windows zombies he used? ⬆

Twitter as X-Rated Hatred: Criticising Microsoft is Not OK, Calling for Beheadings (With Bounties on People's Heads) is OK: Twitter automation missed 'hit job' advertising
Balancing Activism Against (or With) Basic Necessities and Daniel Cantarín on Our Collective Battle for Software Freedom Around the World: "I'm VERY angry about lots of stuff happening here in Argentina, all of it shielded behind the word "freedom"."
Links 16/08/2024: YouTube Bans and Surveillance Expanded: Links for the day
We Were Right All Along and the Collaborators of Microsoft Helped Competition Crimes of Microsoft: Once again vindicated regarding UEFI "secure boot"
[Meme] The New Windows Slogan: stat me up
Addendum: Associate's Notes on Free Software as a Labour Issue and the Connectivity Swindles: these are related issues/causes
Microsofters Infiltrating Roles of Authority and Government Positions to Protect Microsoft and to FUD Microsoft's Competition: friends of Microsofters who bully me and my wife
Links 16/08/2024: UK Skills Deficit and Kim Dotcom to be Extradited to the US (for Doing the Same Stuff GAFAM Does): Links for the day
Gemini Links 16/08/2024: Overgeneralisation and Games: Links for the day
Russia's Yandex 5 Times Bigger Than Microsoft... in Ukraine: They'd rather rely on the Kremlin than on Microsoft
[Meme] Gemini is Different, So What?: different, not worse
Now It's "Official": Over 4,000 Known Gemini Capsules in Lupa: For the first time ever
Clown Computing: Reprinted with permission from Dr. Andy Farnell
[Meme] What Freedom Means to IBM: Free labou
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Thursday, August 15, 2024: IRC logs for Thursday, August 15, 2024
From 99% in 2012 to 27% in 2024: How Microsoft Lost Georgia: What we're seeing is a migration from Windows to other platforms, notably GNU/Linux
To Understand Cisco's Mass Layoffs Look at the Company's Soaring Debt (Same at Microsoft): Look what's happening to Intel - down almost 60% since the start of the year, 57% to be precise
Windows Flying Low at 25%: It's another all-time low
[Meme] Long Texts You Never Bother Reading (Because Life is Too Short, Unlike Those Texts): The devil is in the terms of service
Links 15/08/2024: Monkeypox Hysteria and Modern Homesteaders Living Off the Grid: Links for the day
Gemini Links 15/08/2024: Confession of a Convention Game Master and Some Release nostalgia: Links for the day
Congratulations to Romania, Where Windows is Now "Minority Market Share" Platform: Time will tell if GNU/Linux can pass 5% on the desktop/laptop "form factor" there
Why It Matters That 4,000 Gemini Capsules Are Known to Lupa and Why Gemini Protocol Matters to Us: I have no doubt Gemini Protocol will continue to expand because it solves a real problem
Links 15/08/2024: Avast Surveillance Scandal Unsolved and Facebook Still Censors Terror Sympathisers: Links for the day
Daniel Cantarín's Response to Alexandre Oliva's Talk on Achieving Software Freedom in the Age of Platform Decay: Soylent News caught up with the series
4,000 Gemini Capsules: it's basically one capsule short of 4,000
"Microsoft is a Sponsor of The New Stack.": Many articles turn out to be just ads
New Highs for Android in Russia, But It's Reportedly Working on Its Own Linux-Based Operating Systems (GAFAM-Free): statCounter isn't equipped to properly parse user agents or to keep up
Upcoming Series: Terms of Service (TOS) Under the Microscope, FSF Party, GitHub Scandals, Clowns, and More: Right now we have way more material than we have time to cover. But that's a good thing.
Gemini Links 15/08/2024: Lies of Therapy and Web Applications: Links for the day
Software Freedom in Perspective - Part 5 - When Richard Stallman Came to Argentina: It might seem a bit harsh, but a discussion at the end of this series will tie things together and explain why those things were said
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Wednesday, August 14, 2024: IRC logs for Wednesday, August 14, 2024
Russia develops an alternative to Android and iOS | News.az: Russia already has several of its own operating systems
Links 14/08/2024: Ecology and War Inside Russia: Links for the day
Daniel Pocock - Use of Technology in European Parliament Election Campaign (Public Talk): It starts in 4 hours
Android About to Fly Past Windows in Portugal: Perhaps by month's end or next month Portugal will be orange (Android majority)
How OpenAI Will Decrease the Losses: You have no losses when you have no users left
Giving Control to Microsoft is Always a Dire, Huge Mistake: Microsoft is known for buying things and sabotaging things, not for creating things
Founders That Sell Their Company to Microsoft Speak Out: "Microsoft's closure of Arkane Austin in May was one of the more shocking events of the past couple of years"
In Chile, Microsoft's Web Browser (a Chrome Copycat) Fell to 3.6%, About the Same as Firefox and Opera and Less Than Safari, Yandex Browser, Google Chrome: It does not look like Chileans fancy Microsoft's browser. They go out of their way to use something else, even on Windows.
Software Freedom in Perspective - Part 4 - Daniel on Linux-based Mobile Platforms in LATAM (Latin America): GNU, Linux, and mobile
Almost Nothing of Invidious Left Online (YouTube is Attacking Gateways): what it looks like at this very moment
Gemini Links 14/08/2024: Funeral for an E-reader and a Mother Wants a Laptop: Links for the day
Links 14/08/2024: 8 Years of GDPR and Ridicule of "Hey Hi" (AI) Hype: Links for the day
This is How You Give Microsoft More Control Over LibreOffice Both as Software and as a Project: Didn't the Document Foundation learn from prior Microsoft Store scandals connected to LibreOffice?
"Heroes of Fedora" Are Just Salaried Employees of IBM (But "Community" is Just Sounding a Lot Nicer): A real community would not allow IBM a majority
YouTube Has Thrown Free Software Users Into a Crisis: For many Free software users, who rely on Invidious, YouTube is nearly dead already
[Meme] "New Chapter in the FSF.": We expect to have some coverage from this week's event
There is No I in "GAFAM" and Soon There Won't be I At All (Like Novell Vanished, Not Overnight, as It Took Over a Decade): Intel is going through the biggest crisis in its entire history
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Tuesday, August 13, 2024: IRC logs for Tuesday, August 13, 2024
It's a "sm0l" World and It Won't Outsource to the Pentagon Anymore: As many people aren't interested in a new PC - or simply cannot afford one - we can expect leaner operating systems to gain further
Software Freedom in Perspective - Part 3 - GNU/Linux in Argentinian Desktops/Laptops: Daniel explains why many years ago many PCs shipped with GNU/Linux and that there was an economic reason for it. At least in Argentina.
Tivoisation and Decommodification in Clown Computing: Some firms or organisations lost sight of what "servers" or "hosting" even mean
The News Vacuum: The problem is worse than just an absence of reporting
x86 Lowered the Standards of Hardware Products: A lot of it is just hacks and cheats that help fake performance

New Flaw in Windows Facilitates More DDOS Attacks

Recent Techrights' Posts