Microsoft Botnets: The Chaos Continues

Dr. Roy Schestowitz

2009-01-18 23:50:49 UTC
Modified: 2009-01-18 23:50:49 UTC

Zombie
Fear not the Windows zombies

There are many ways to "Suck at Information Security", but one easy way is to choose a platform that leads to entire military bases getting cracked.

The British military is one of the very few which choose this tactless route even for nuclear submarines and it costs it dearly.

Virus ‘sends RAF e-mails to Russia’

THE Ministry of Defence is investigating a major breach in security amid claims that all e-mail traffic from a number of RAF stations has been sent to a Russian internet server.

The e-mails were allegedly diverted to the Russian sender by a worm virus that entered the MoD systems 12 days ago bringing down computers and blocking e-mail communications across the military.

The world is already filled with about 320 million Windows PCs that are zombies, so what's another massive botnet anyway?

New Botnets Replace Vanquished Pests

Although the shutdown of a California Web hosting company eradicated several prominent botnets last year, others have stepped up to fill the gaps, a security researcher says.

Gone from the landscape, said Joe Stewart, director of research at Atlanta-based SecureWorks Inc., are "Srizbi" and "Storm," the botnets Stewart ranked as No. 1 and No. 5, respectively, in an April 2008 botnet census.

How can anyone combat Windows worms that appear all the time in new forms?

A variant of a malicious worm that targeted Microsoft Windows now is spreading via USB sticks, researchers say.

Security company BitDefender Labs, based in Bucharest, Romania, detected the Windows worm variant in late December. The original worm known as Win32.Worm.Downadup, first made its appearance in late November, exploiting a Microsoft vulnerability in the Windows RPC Server Service. Since then, it has rapidly spread across numerous corporate networks with the aim of distributing malicious software on susceptible computers.

Even an Instant Messaging (IM) program is no longer safe because Microsoft turned simple communication protocols into something that can invoke unknown executables.

Internet MSN users are warned. Some programme writers are now using IM to spread malicious programs such as viruses and worms. These viruses can spread when a person opens an infected file, such as pictures of pornographic nature, that is sent through IM by someone who appears to be a contact.

Why is a program for exchange of text leading to the running of untrusted code? This is an architectural deficiency that would prove costly. Outlook and ActiveX are almost perfect examples and they requires no social engineering to lead to a raft of menaces. ⬆

"Our products just aren't engineered for security."

--Brian Valentine, Microsoft executive

Comments

Needs Sunlight

2009-01-19 14:15:50

The recurrence of MSN worms ought to be a warning that it's past time to switch IM protocols and networks, for those still in the stoneage.

MSN, live.com, and any other worm site ought to be blocked at the firewall. Same for ports used by MS Messenger.

XMPP and Jabber are the next-generation chat/messenging protocols. Use them or lose out.
The Mad Hatter

2009-01-20 02:09:48

And of course whenever a worm/virus/security hole is mentioned in the news, they never mention that it's a Microsoft only problem, and if you point this out to the news media, they don't take any action. The fact that Microsoft is often one of their major advertisers has nothing to do with this of course.
Roy Schestowitz

2009-01-20 03:07:51

Here's an E-mail that I received this morning (for sharing):

Hi, Roy,

Here's an example of pro-MSFT spin on headlines. All it takes is one bad member on the editorial team and an entire publication can be compromised, like here:

http://www.cnn.com/2009/TECH/ptech/01/16/virus.downadup/index.html?eref=rss_tech" title="Downadup virus exposes millions of PCs to hijack

The title is "Downadup virus exposes millions of PCs to hijack". If we stick with the standard usage of the verb "expose" then the correct title is "Windows exposes millions of PCs to hijack"

Had it been a Linux worm, there would probably be a different headline, no? The mythology of Microsoft is that "all computers" are not secure and "Windows is the standard".

A Lot of Technological 'Progress' Has Been Nothing But Buzzwords: Free software does not try to excite people people over nothing
Proprietary Software: Here Today, Gone Tomorrow: Proprietary software has an entirely different mindset, revolving around business models rather than science
Web Hostnames Down to Lowest Number in More Than 7 Years!: the number of hostnames is falling rapidly (they hide this by choosing logarithmic scale)
Over at Tux Machines...: 2 days' worth
Stop Begging Companies That Don't Value Your Freedom to Stop Pushing You Around: That's not freedom
The forbidden topics: There are forbidden topics in the hacker community
Curation and Preservation Work: The winter is coming soon and this means our anniversary is near
Community is the Lifeblood of Freedom in the GNU/Linux World: Removing or undoing the "cancerd" (systemd) is feasible but increasingly difficult
Richard Stallman Says He Will Probably Live Many More Years: "Richard Stallman has cancer. Fortunately it is slow-growing and manageable follicular lymphona, so he will probably live many more years nonetheless. But he now has to be even more careful not to catch Covid-19."
Quitting 'Clown Computing' and GAFAM is Only the Start: The Web and the Net at large became far too centralised
They Say Free Software is Like Communism When They, the Proprietary Software Giants, Constantly Pursue Government Bailouts (Subsidies From Taxpayers): At the moment Ukraine is at most risk due to its dependence on Microsoft (inside its infrastructure)
Social Control Media Has No Future, It Was Always Doomed to Fail (Also Promoted Based on Lies): Recent events, including developments at Twitter, meant that they lost a lot of their audience and then, in turn, sponsors/advertisers
They're Been Trying to 'Kill' Richard Stallman for Years (by Mentally Tormenting Him): Malicious tongue wanted to do him what had been done to Julian Assange
We Temporarily Have Two Gemini Capsules: They're both authentic and secure, but they're not the same
Consumerism is Lying and Revisionism: We need to reject these liars and charlatans
Links 30/09/2023: Open VFS Framework, CrossOver 23.5, Dianne Feinstein Dies: Links for the day
Security Leftovers: GNU/Linux, Microsoft, and more
Microsoft Down on the World Wide Web, Shows Survey: down by a lot in this category
IRC Proceedings: Friday, September 29, 2023: IRC logs for Friday, September 29, 2023
A Society That Fails Journalists Does Not Deserve Journalism: It's probably too later to save Julian Assange as a working publisher (he might never recover from the mental torture), but as a person and a father we can wish and work towards his release
Almost Nothing To Go With Your Morning's Cup Of Coffee: Newspaper? What newspaper?
Techrights Was Right About the Chaff Bots (They Failed to Live up to Their Promise): Those who have been paying attention to news of substance rather than fashionable "tech trends" probably know that GNU/Linux grew a lot this year
Selling Out to Microsoft Makes You Dead Beef: If all goes as well as we've envisioned, Microsoft will get smaller and smaller
Mobile Phones Aren't Your Friend or a Gateway to Truly Social Life: Newer should not always seem more seductive, as novelty is by default questionable and debatable
Links 29/09/2023: Disinformation and Monopolies: Links for the day
iFixit Requests DMCA Exemption…To Figure Out How To Repair McDonald’s Ice Cream Machines: Reprinted with permission from Ryan Farmer
Jim Zemlin Thinks the World's Largest Software Company Has 200 Staff, Many of Whom Not Technical at All: biggest ego in the world
Microsoft GitHub Exposé — In the Alex Graveley Case, His Lawyer, Rick Cofer, Appears to Have Bribed the DA to Keep Graveley (and Others) Out of Prison: Is this how one gets out of prison? Hire the person who bribes the DA?
Richard Stallman's Public Talk in GNU's 40th Anniversary Ceremony: Out now
Links 29/09/2023: Linux Foundation Boasting, QLite FDW 2.4.0 Released: Links for the day
Red Hat Does Not Understand Community and It's Publicly Promoting Microsoft's Gartner: RedHat.com is basically lioning a firm that has long been attacking GNU/Linux in the private and public sectors at the behest of Microsoft
A 'Code of Conduct' Typically Promoted by Criminal Corporations to Protect Crimes From Scrutiny: We saw this in action last week
Objections to binutils CoC: LXO response to proposed Code of Conduct
Conde Nast (Reddit), Which Endlessly Defamed Richard Stallman and Had Paid Salaries to Microsoft-Connected Pedophiles, Says You Must Be Over 18 to See 'Stallman Was Right': Does this get in the way of their Bill Gates-sponsored "Bill Gates says" programme/schedule?
Techrights Extends Wishes of Good Health to Richard M. Stallman: Richard Stallman has cancer
endsoftwarepatents.org Still Going, Some Good News From Canada: a blow to software patents in Canada
The Debian Project Leader said the main thing Debian lacked was more contributors: The Debian Project Leader said the main thing Debian lacked was more contributors
IRC Proceedings: Thursday, September 28, 2023: IRC logs for Thursday, September 28, 2023
Links 28/09/2023: Openwashing and Patent Spam as 'News': Links for the day
Links 28/09/2023: Preparing Red Hat Enterprise Linux 8.9 and 9.3 Beta: Links for the day
We Need to Liberate the Client Side and Userspace Too: Lots of work remains to be done
Recent IRC Logs (Since Site Upgrade): better late than never
Techrights Videos Will be Back Soon: We want do publish video without any of the underlying complexity and this means changing some code
Microsoft is Faking Its Financial Performance, Buying Companies Helps Perpetuate the Big Lies (or Pass the Debt Around): Our guess is that Microsoft will keep pretending to be huge, even as the market share of Windows (and other things) continues to decrease
Techrights Will Tell the Story (Until Next Year!) of How Since 2022 It Has Been Under a Coordinated Attack by a Horde of Vandals and Nutcases: People like these belong in handcuffs and behind bars (sometimes they are) and our readers still deserve to know the full story. It's a cautionary tale for other groups and sites
Why It Became Essential to Split GNU/Linux Stories from the Rest: These sites aren't babies anymore. In terms of age, they're already adults.
Losses and Gains in an Age of Oligarchy - A Techrights Perspective: If you don't even try to fix something, there's not even a chance it'll get fixed
Google (and the Likes Of It) Will Cause Catastrophic Information Loss Rather Than Organise the World's Information: Informational and cultural losses due to technological plunder
Links 28/09/2023: GNOME 45 Release Party, 'Smart' Homes Orphaned: Links for the day
Security Leftovers: Xen, breaches, and more
GNOME Console Won’t Support Color Palettes or Profiles; Will Support Esperanto: Reprinted with permission from Ryan Farmer

Microsoft Botnets: The Chaos Continues

Virus ‘sends RAF e-mails to Russia’

New Botnets Replace Vanquished Pests

Comments

Recent Techrights' Posts