10.05.10

Gemini version available ♊︎

Windows Users Still Under Attack From Stuxnet, Halo, and Zeus

Posted in Microsoft, Security, Windows at 12:52 am by Dr. Roy Schestowitz

Would you trust Microsoft Windows in nuclear programmes?

Nuclear artillery
GRABLE EVENT – Part of Operation Upshot-Knothole, was a 15-kiloton test fired from a 280-mm cannon on May 25, 1953 at the Nevada Proving Grounds. Frenchman’s Flat, Nevada – Atomic Cannon TestHistory’s first atomic artillery shell fired from the Army’s new 280-mm artillery gun. Hundreds of high ranking Armed Forces officers and members of Congress are present. The fireball ascending. (source: Wikipedia)

Summary: Stuxnet — perhaps best known for its effects on Microsoft Windows-dependent nuclear programmes — is now a Chinese concern as well; Windows users are still under heavy artillery from malware

ALL WE have been saying about Stuxnet so far can be found in the following posts (this epidemic is still out of control):

  1. Ralph Langner Says Windows Malware Possibly Designed to Derail Iran’s Nuclear Programme
  2. Windows Viruses Can be Politically Motivated Sometimes
  3. Who Needs Windows Back Doors When It’s So Insecure?
  4. Windows Insecurity Becomes a Political Issue
  5. Windows, Stuxnet, and Public Stoning
  6. Stuxnet Grows Beyond Siemens-Windows Infections
  7. Has BP Already Abandoned Windows?
  8. Reports: Apple to Charge for (Security) Updates
  9. Windows Viruses Can be Politically Motivated Sometimes
  10. New Flaw in Windows Facilitates More DDOS Attacks
  11. Siemens is Bad for Industry, Partly Due to Microsoft
  12. Microsoft Security Issues in The British Press, Vista and Vista 7 No Panacea
  13. Microsoft’s Negligence in Patching (Worst Amongst All Companies) to Blame for Stuxnet
  14. Microsoft Software: a Darwin Test for Incompetence
  15. Bad September for Microsoft Security, Symantec Buyout Rumours
  16. Microsoft Claims Credit for Failing in Security
  17. Many Windows Servers Being Abandoned; Minnesota Goes the Opposite Direction by Giving Microsoft Its Data

The risk of accidental nuclear exchanges is said to be on par with if not greater than that of a man-triggered nuclear war. In the Cuban Missile Crisis, a Soviet submarine was just seconds away from launching nuclear missiles into US targets (the report was unsealed only decades later) and just over a decade ago antiquated Russian equipment almost fired automatically at false alarms of nuclear war (it was manually prevented before an accidental nuclear war could be started). The danger of Microsoft Windows in such sensitive operations ought to become apparent. Other than man-made global warming/peak oil/famine, the greatest threat to human survival is said to be those 50,000+ nuclear warheads which are kept under control by one operating system or another.

“Iran arrests Stuxnet ‘nuclear spies’,” reports IDG.

Iran says it has detained a number of ‘nuclear spies’ in connection with the Stuxnet malware attacks on its nuclear programme computer systems last week.

Who has been arrested and on what evidence has not yet been explained, but the country’s Intelligence Minister, Heidar Moslehi, adopted a triumphant tone in reported comments made to the Iranian Mehr News agency and domestic TV sources.

The fear finally spreads to China, which is another country the West loves to fear. “Nationwide holiday ups China’s risk to Stuxnet,” says this new headline.

Computer hackers have warned that the week-long National Day holiday in China that began Friday could leave the country vulnerable to further attacks from Stuxnet, according to a report by news agency AFP.

It turns out that Stuxnet has been out there for quite some time:

Sophisticated stuxnet malware is approaching 18 months old

[...]

The report reveals that Stuxnet is a complex piece of code that generates no less than 32 payload exports and can spread in multiple environments, including in local area networks using a vulnerability in the Windows print spooler, as well as tapping Windows Server to hit smaller enterprises.

When it’s estimated that one in two Windows PCs is a zombie PC and reporters still fail to call out Windows, how will anyone ever wisen up? Even a Microsoft console game, Halo [1, 2], has become a vector for infecting Windows based on this news:

Gamers looking to get the Recon Armor in the latest iteration of the Halo franchise (Halo: Reach) should think twice about using “alternative” methods.

Microsoft is warning fans of the game to steer clear of some code generators which promise to deliver the rare armor, but instead infect their computers with malware.

The Windows-only Zeus, which we wrote about in [1, 2, 3, 4, 5], is targeting Linkedin users who are running Windows at the moment:

Nevertheless, if anyone is affected with the spam mail, Cisco recommends that that person should reset his passwords since the Zeus Trojan attack seizes login credentials and passwords.

Why go through all this complexity/trouble? If my parents use GNU/Linux on the desktop, everyone can too. It’s not that hard (in certain ways it’s easier) and it is a lot safer.

Share in other sites/networks: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Reddit
  • email

Decor ᶃ Gemini Space

Below is a Web proxy. We recommend getting a Gemini client/browser.

Black/white/grey bullet button This post is also available in Gemini over at this address (requires a Gemini client/browser to open).

Decor ✐ Cross-references

Black/white/grey bullet button Pages that cross-reference this one, if any exist, are listed below or will be listed below over time.

Decor ▢ Respond and Discuss

Black/white/grey bullet button If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

DecorWhat Else is New


  1. Links 8/12/2021: Linux 5.15.7 Out, Linux Mint 20.3 is Near

    Links for the day



  2. Links 8/12/2021: Zorin OS 16 Milestone and Calculate Linux 22 Released; Kubernetes 1.23

    Links for the day



  3. A Call for Sources and Whistleblowers From Microsoft's GitHub

    Remarks on our publications from this morning and a call for more leakers and whistleblowers, who know GitHub better than anybody else (including lots of fools who still outsource all of their hard labour to Microsoft through GitHub)



  4. [Teaser] Rape is Not a Joke

    Having just uploaded a police report, we’re starting to move the ongoing series to the next phase, which will still be — for the most part — weekly installments on Mondays (for months to come)



  5. [Teaser] Meet Microsoft’s Chief Architect of GitHub Copilot, Balabhadra (Alex) Graveley

    Alex Graveley, a serial abuser, has been protected by Microsoft; what does that say about Microsoft and about Nat Friedman, GitHub’s CEO whom Alex considers his "best friend"? Stay tuned as we have plenty more to show



  6. IRC Proceedings: Tuesday, December 07, 2021

    IRC logs for Tuesday, December 07, 2021



  7. Links 8/12/2021: FreeBSD 12.3, EasyOS 3.1.13, and WordPress 5.9 Beta 2

    Links for the day



  8. [Meme] EU Assurances

    The EPO‘s staff cannot be blamed for losing patience as elected public representatives completely fail to do their job (with few exceptions)



  9. Clare Daly (GUE/NGL) Does What Every Public Official in Europe Should Have Done About EPO Shenanigans

    There’s another (new) push to hold the EPO accountable, seeing that the overseers clearly do not do their job and instead cover up the abuses



  10. Links 7/12/2021: Firefox 96 Beta and Fedora 37 Abandons ARMv7

    Links for the day



  11. Links 7/12/2021: Plasma Mobile Gear 21.12 and Tails 4.25

    Links for the day



  12. All IRC Logs Now Available as GemText Over Gemini Protocol

    Today we've completed the transition from plain text over gemini:// to GemText over gemini:// for IRC logs



  13. IRC Proceedings: Monday, December 06, 2021

    IRC logs for Monday, December 06, 2021



  14. [Meme] Rowing to the Bottom of the Ocean

    The EPO‘s Steve Rowan (VP1) is failing EPO staff and sort of “firing” workers during times of crisis (not at all a crisis to the EPO’s coffers)



  15. EPO Gradually Reduced to 'Fee Collection Agency' Which Eliminates Its Very Own Staff

    Mr. Redundancies and Mr. Cloud are outsourcing EPO jobs to Microsoft and Serco as if the EPO is an American corporation, providing no comfort to long-serving EPO staff



  16. Linux Foundation 2021 Annual Report Made on an Apple Mac Using Proprietary Software

    Yes, you’re reading this correctly. They still reject both “Linux” and “Open Source” (no dogfooding). This annual report is badly compressed; each page of the PDF is, on average, almost a megabyte in size (58.8 MB for a report of this scale is unreasonable and discriminates against people in countries with slow Internet connections); notice how they’re milking the brand in the first page (straight after the cover page, the 1991 ‘creation myth’, ignoring GNU); remember that this foundation is named after a trademark which is not even its own!



  17. Links 7/12/2021: OpenIndiana Hipster 2021.10 and AppStream 0.15

    Links for the day



  18. Microsoft “Defender” Pretender Attacks Random Software That Uses NSIS for installation; “Super Duper Secure Mode” for Edge is a Laugh

    Guest post by Ryan, reprinted with permission



  19. Links 6/12/2021: LibreOffice Maintenance Releases, Firefox 95 Finalised

    Links for the day



  20. “Wintel” “Secure” uEFI Firmware Used to Store Persistent Malware, and Security Theater Boot is Worthless

    Guest post by Ryan, reprinted with permission



  21. No Linux Foundation IRS Disclosures Since 2018

    The publicly-available records or IRS information about the Linux Foundation is suspiciously behind; compared to other organisations with a "tax-exempt" status the Linux Foundation is one year behind already



  22. Jim Zemlin Has Deleted All of His Tweets

    The Linux Foundation‘s Jim Zemlin seems to have become rather publicity-shy (screenshots above are self-explanatory; latest snapshot), but years ago he could not contain his excitement about Microsoft, which he said was "loved" by what it was attacking. Days ago it became apparent that Microsoft’s patent troll is still attacking Linux with patents and Zemlin’s decision to appoint Microsoft as the At-Large Director (in effect bossing Linus Torvalds) at the ‘Linux’ Foundation’s Board of Directors is already backfiring. She not only gets her whole salary from Microsoft but also allegedly protects sexual predators who assault women… by hiring them despite repeated warnings; if the leadership of the ‘Linux’ Foundation protects sexual predators who strangle women (even paying them a salary and giving them management positions), how can the ‘Linux’ Foundation ever claim to represent inclusion and diversity?



  23. Microsoft GitHub Exposé — Part IX — Microsoft's Chief Architect of GitHub Copilot Sought to be Arrested One Day After Techrights Article About Him

    Balabhadra (Alex) Graveley has warrant for his arrest, albeit only after a lot of harm and damage had already been done (to multiple people) and Microsoft started paying him



  24. The Committee on Patent Law (PLC) Informed About Overlooked Issues “Which Might Have a Bearing on the Validity of EPO Patents.”

    In a publication circulated or prepared last week the Central Staff Committee (CSC) of the EPO explains a situation never explored in so-called 'media' (the very little that's left of it)



  25. Links 6/12/2021: HowTos and Patents

    Links for the day



  26. IRC Proceedings: Sunday, December 05, 2021

    IRC logs for Sunday, December 05, 2021



  27. Gemini Space/Protocol: Taking IRC Logs to the Next Level

    Tonight we begin the migration to GemText for our daily IRC logs, having already made them available over gemini://



  28. Links 6/12/2021: Gnuastro 0.16 and Linux 5.16 RC4

    Links for the day



  29. Links 5/12/2021: Touchpad Gestures in XWayland

    Links for the day



  30. Society Needs to Take Back Computing, Data, and Networks

    Why GemText needs to become 'the new HTML' (but remain very simple) in order for cyberspace to be taken away from state-connected and military-funded corporations that spy on people and abuse society at large


RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts