New Flaw in Windows Facilitates More DDOS Attacks

Dr. Roy Schestowitz

2010-07-27 22:03:18 UTC
Modified: 2010-07-27 22:03:18 UTC

Summary: Shoddy Microsoft software continues to provide opportunities for disgruntled people to attack and take down servers they dislike

ANY Windows botnet which is enabled by "Zeus" (Zeus is known to be a cause of DDOS attacks) is already taking advantage of Microsoft's latest severe flaw which affects even fully patched Windows:

Miscreants behind the Zeus cybercrime toolkit and other strains of malware have begun taking advantage of an unpatched shortcut handling flaws in Windows. It was first used by a sophisticated worm to target SCADA-based industrial control and power plant systems.

No patch is available yet:

Security researchers have found more malware exploiting an unpatched Windows vulnerability via .LNK shortcut files.

According to Sophos blog July 23, two other pieces of malware have been observed targeting the bug. One is a keylogging Trojan the company is calling Chymin-A that is "designed to steal information from infected computers." The other is Dulkis-A, a "worm written in obfuscated Visual Basic" that contains several subcomponents.

More here:

Slovakian security firm Eset reports the appearance of two malware strains that exploit security vulnerabilities in the way Windows handles .lnk (shortcut) files, first used by Stuxnet to swipe information from Windows-based SCADA systems from Siemens.

We covered those SCADA incidents earlier today. This has a serious impact on the world's energy, not to mention those BP BSODs which we've already covered in [1, 2, 3].

The damage costs a lot of money and time (which can be equated to money) and the security world is "ill-equipped to solve digital whodunnits," reports The Register.

“A lot of those efforts are very unqualified and pedestrian,” said Parker, who is director of security consulting services at Washington, DC-based Securicon. “There's really not any science behind the efforts that many people have been making recently that have resulted in stories like China is attacking us, Russia is attacking us, Korea is attacking us.”

It is really hard to know where DDOS attacks come from these days. People don't control their Windows PCs, which can be hijacked and chained back to some botmasters whose interests are not known.

Georgia has an unfortunate DDOS story to tell about its national infrastructure; after years of investigation it is still not perfectly clear if the Russian government had something to do with it or not. One youngster claims responsibility, but can he be believed? It can be hard to verify. And if one youngster can paralyse an entire nation, what does that teach us about those Windows zombies he used? ⬆

SLAPP Censorship - Part 32 Out of 200: Garrett Made Spurious Requests (Later Withdrawn) the Same Week Someone He Later Spoke to by E-mail Sent Threats to Our Webhost: The "plot thickens" because there's a multi-party tag-team act, as confirmed by Garrett after he had sworn on the Bible
GNU/Linux Measured at All-Time High in Sweden: Can 'influencers' have played a role
Links 03/04/2026: Rejection of More Software Patents and Social Control Media in Several Continents: Links for the day
Malware in Proprietary Software - Latest Additions by Rob Musial: Original published yesterday in gnu.org
Visual Evidence/Documentation of IBM Dying Like the Dinosaurs: IBM has many of these giant white elephants lying around, with some getting demolished
Links 03/04/2026: USPTO’s Latest Greenwashing and Internet Blackouts Impact Journalists in War Zones: Links for the day
IBM is a Dying Company, Nowadays It Kills Red Hat With Slop: when your last day is a national holiday in IBM's country
"Independence Drives" and Community-Run Sites: Independence in reporting is a much-valued trait
When Charlatans Are Only Good at Losing Money and Storytelling (e.g. About Investment in Them): Wait till a a barrel of oil costs $300
What Apple Fans Are Missing: Apple is a bad company
The "Pale Blue Dot" Moment Had Returned: To many people, the "bitter-sweet" observation of how small we are
Saudi Arabia Does Not Rely Much on Microsoft/Windows: Putting aside politics, this is good for Free software
Almost 12 Years of Exposing Corruption in Europe's Second-Largest Institution: The "unready" President is now an abandoned President
Easter Moon Mission and Its Reminder of IBM's Demise: A lot of NASA operations now rely on GNU/Linux
When Power is Scarce and GNU/Linux Has Power: In Cuba, GNU/Linux has long enjoyed high adoption rates
Don't Totally Dismiss the 'Survivalists': 'Survivalists' or similar terms are used to describe a particular mindset of people who prepare for some really awful scenarios
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Thursday, April 02, 2026: IRC logs for Thursday, April 02, 2026
A Much Better Use of Fuel Than Slop: Something positive for a change
Hoping for Peace: There are still many things to be enjoyed, including nature and kind people
Gemini Links 03/04/2026: "Slide Rule Triple Multiplication" and End of "Picture Pages": Links for the day
Rumours of Microsoft Layoffs This Season: Just how much trouble is Microsoft in at this point?
SLAPP Censorship - Part 31 Out of 200: Speaking About 20+ Years of Alleged Harassment/Defamation and High-Profile 'Targets' of Garrett: attempts were made to settle (in effect end the case) by the person who started the case almost half a dozen times along the way
In Asia, Windows is in Its Teens (Below 20%): On a global scale, Windows is down to about 26%
GNU/Linux Becoming More Universal: It seems likely the end of Vista 10 coinciding with a sharp rise in memory prices (and now energy prices) will benefit GNU/Linux and therefore give us more to write about
Low Morale at IBM and Perception of Destructive Management: IBM is going nowhere, fast
Gemini Links 02/04/2026: Super Mario Galaxy Movie and New Antenna Instance: Links for the day
It Seems Like Google News Cracked Down on (Omitted, Delisted) a Lot of Slopfarms: There's no justification/point in spending so much energy just to plagiarise things poorly
Can Economies Like the American One Hang On?: The coming weeks will be "interesting" unless wars end
Steam Survey for Last Month Says 5.33% Use GNU/Linux: big leap for GNU/Linux
Links 02/04/2026: Science News, Energy Scarcity, Oil Sold in Yuan: Links for the day
Links 02/04/2026: Apple Turns 50, Efforts To Ban VPNs: Links for the day
Gemini Links 02/04/2026: Kubernetes With FreeBSD, OFFLFIRSOCH, and Great Circle Distance: Links for the day
Dr. Andy Farnell on Microsoft Silencing or Deplatforming Opposition in the UK and Elsewhere: Microsoft as a king or a kind of "religion" one cannot question
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Wednesday, April 01, 2026: IRC logs for Wednesday, April 01, 2026
SLAPP Censorship - Part 30 Out of 200: The Time We Reported Abuse to Greater Manchester Police (GMP) and It Was Escalated to Its Cybercrime Unit: he started trolling and harassing me for criticising his employers' monopolistic and users-hostile agenda
'Modern' Cars Not a Rosy Industry: The current "modern" cars already have a shelf life similar to that of many toothpastes
Wrongthink Detector and Filter in "Think About the Children" Clothing: It is not about "age verification", it's a Trojan horse for social control
IBM Facilities Now Deemed Legitimate (Military) Target, Along With GAFAM Bases: Does IBM have any defences in place to protect against "downtime by explosions"?
What Happens When Some Large News Sites Turn to Slop and Spew Out Nonsense: LLM slop makes such grotesque mistakes abundant
Hardly Seeing Slopfarms Today, Even in Google News: Google's adventures with slop increased its debt significantly
Links 01/04/2026: Quantum Hype (Turing and Google), "US Fuel Prices Surge Past $4 a Gallon": Links for the day
Gemini Links 01/04/2026: "Sacred Week of Cycling" and Zenity for Scripts: Links for the day
Losing Debian: Sruthi Chandran election flop: Reprinted with permission from Daniel Pocock
French judgment: parasitisme by FSFE & Matthias Kirschner (CO23.002709): Reprinted with permission from Daniel Pocock
Microsoft Uses April Fools to 'Joke' About Inserting "Age Verification" (Surveillance) Into Linux: MinceR says the "lkml [message/page] one is April Fools or at least they're trying to pass it off as April Fools [however] the [GitHub] one was archived on the 8th and yesterday, so that probably isn't..."
IBM "Headcount Reductions" by Early Retirement and Death: The tragedy at IBM started 33 years ago on the first of April
Red Hat: Latin-1 character set under threat from Bishop Michael Martin, North Carolina: Reprinted with permission from Daniel Pocock
Links 01/04/2026: Microsoft GitHub Now Pushing Ads Into People's Code/Commits, Earth Overshoot Day Draws Nearer: Links for the day
What IBM and EPO Workers Have in Common: European Media Not Covering Very Major News (Press Became Dysfunctional): Are IBM operatives working to scuttle the process of investigative journalism?
Free Speech in the United Kingdom When "Chilling Effect" is Increasingly Prevalent: If politicians cannot even use a term like "parasitic behaviour", then where do we as a society end up?
Oracle Lays Off Because of Debt and Commercial Issues, Not Slop: Like Scam Altman, Larry Ellison hangs around Cheeto King because he could use some bailouts in the form of government contracts or phony money with an incredible name like "Stargate"
The Real Reason Many Sites and Forums Shun Microsoft Lunduke: When forums say that they banned Microsoft Lunduke or don't want him mentioned it's probably because they are familiar with the "stench" that follows him around
Gemini Links 01/04/2026: Hallucinations, Stitching, and Type Systems: Links for the day
Lots of Layoffs at IBM, "Media Blackout" About Mass Layoffs at IBM's HashiCorp and Confluent Last Month: IBM is a dying company circling down the drain while manipulating or paying the media to pretend everything is fine
Microsoft Under Investigation by the UK's Competition and Markets Authority (CMA) for Abusive Tactics: What's noteworthy is that this is "set to begin in May"
Sounds Like Red Hat (IBM) Layoffs in Slop Clothing: This is an IBM policy. They try to justify staff cuts.
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Tuesday, March 31, 2026: IRC logs for Tuesday, March 31, 2026

New Flaw in Windows Facilitates More DDOS Attacks

Recent Techrights' Posts