New Flaw in Windows Facilitates More DDOS Attacks

Dr. Roy Schestowitz

2010-07-27 22:03:18 UTC
Modified: 2010-07-27 22:03:18 UTC

Summary: Shoddy Microsoft software continues to provide opportunities for disgruntled people to attack and take down servers they dislike

ANY Windows botnet which is enabled by "Zeus" (Zeus is known to be a cause of DDOS attacks) is already taking advantage of Microsoft's latest severe flaw which affects even fully patched Windows:

Miscreants behind the Zeus cybercrime toolkit and other strains of malware have begun taking advantage of an unpatched shortcut handling flaws in Windows. It was first used by a sophisticated worm to target SCADA-based industrial control and power plant systems.

No patch is available yet:

Security researchers have found more malware exploiting an unpatched Windows vulnerability via .LNK shortcut files.

According to Sophos blog July 23, two other pieces of malware have been observed targeting the bug. One is a keylogging Trojan the company is calling Chymin-A that is "designed to steal information from infected computers." The other is Dulkis-A, a "worm written in obfuscated Visual Basic" that contains several subcomponents.

More here:

Slovakian security firm Eset reports the appearance of two malware strains that exploit security vulnerabilities in the way Windows handles .lnk (shortcut) files, first used by Stuxnet to swipe information from Windows-based SCADA systems from Siemens.

We covered those SCADA incidents earlier today. This has a serious impact on the world's energy, not to mention those BP BSODs which we've already covered in [1, 2, 3].

The damage costs a lot of money and time (which can be equated to money) and the security world is "ill-equipped to solve digital whodunnits," reports The Register.

“A lot of those efforts are very unqualified and pedestrian,” said Parker, who is director of security consulting services at Washington, DC-based Securicon. “There's really not any science behind the efforts that many people have been making recently that have resulted in stories like China is attacking us, Russia is attacking us, Korea is attacking us.”

It is really hard to know where DDOS attacks come from these days. People don't control their Windows PCs, which can be hijacked and chained back to some botmasters whose interests are not known.

Georgia has an unfortunate DDOS story to tell about its national infrastructure; after years of investigation it is still not perfectly clear if the Russian government had something to do with it or not. One youngster claims responsibility, but can he be believed? It can be hard to verify. And if one youngster can paralyse an entire nation, what does that teach us about those Windows zombies he used? ⬆

New Article Explains How the GPL Came About and WordPress Having Copyleft Obligations: Having been involved in the WordPress development community since almost the beginning, I know why it chose the GPL and how it restricts abuse by Automattic
Dr Richard Stallman (RMS) Gives Talk in Oxford University in 4 Hours: If you live nearby, go there (it's free as in gratis)
Using a Law Firm's Licence to Exercise Politics Through Frivolous SLAPPs and Nastygrams (to Silence People, Remove Pages, Demand Fake or Forced 'Apologies'): Things must be getting really bad when lawyers act for raving antisemites
Another Site Bites the Dust: "Open Source For You" Becoming a Slopfarm (LLM Slop): What a shame. Another dead site.
Richard Stallman's Oxford Talk Has Just Ended, Here Are Some Photos: he might hop over to another European country
Gemini Links 24/04/2025: Birthday and Good Work of Academia in Esotericism: Links for the day
Links 24/04/2025: EU fines Apple and Facebook, Another Microsoft GitHub Security Blunder: Links for the day
IBM Gained Almost 6 Billion Dollars in "Goodwill" Value in Just 3 Months, According to IBM: Congrats to the management!
In Belarus, Yandex is Now Measured as 50 Times More 'Popular' (by Usage) Than Microsoft: Yandex continues to gain, whereas Bing cannot even register at 1%. Last month it was registered or measured at a measly 0.65%.
IBM Cannot Lie to Shareholders Anymore: "I would not be surprised if we see a layoff every quarter this year."
We're Working to Make Full-Site Search Available: This site has over 1,000 'wiki' pages, many thousands of documents, several thousands of videos, and about 50,000 blog posts or articles. We need to make them easier to find/navigate.
Links 24/04/2025: IBM Loses Many Contracts, Intel to Lay Off Over 20% (Not Counting Those Who Leave 'Voluntarily'): Links for the day
Richard Stallman Can Explain to Oxford Artificial Intelligence Society Why LLM Slop is Not Artificial Intelligence and Why It Hurts Society: another 'crop' of LLM slop that damages GNU/Linux and facts
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Wednesday, April 23, 2025: IRC logs for Wednesday, April 23, 2025
Open Source Initiative (OSI) Promoting Microsoft and Proprietary Software Using Microsoft Operatives: Because nothing says "Open Source" like GPL violations facilitated by Microsoft
Links 23/04/2025: Crackdowns on Dissent, Palin Loses Libel Retrial Against New York Times: Links for the day
Links 23/04/2025: Hard Times and Digital Amnesia: Links for the day
The GNU/Linux Site Formerly Known as "linoxide.com" is Back... as an LLM Slopfarm!: Better for linoxide.com to go offline than to do this
Get Rid of Back Doors, Don't Obsess Over Bounties and Other Corporate PR Stunts (or Needless Reboot Rituals): Security as a term has mostly lost its meaning due to repeated misuse for many years
Richard Stallman to Speak in Oxford University Exactly a Day From Now: outsourced to GAFAM
Links 23/04/2025: "Hiding Corruption" and "The Cost of Defunding Harvard": Links for the day
Microsoft 'Studies' Again? Leon Musolff is Writing Papers With Microsoft.: Even if one can see/find a link to "the study" (in the Bezos-controlled publication), most people won't look any further and just take everything at face value.
Towards GNU World Domination: The FSF led by Geoffrey S. Knauth with his friend Richard Stallman in the FSF's Board [...] Let's encourage people to adopt GNU/Linux. There has never been a better time.
statCounter Helps Visualise Just How Deep in Trouble Microsoft is (Especially in Africa): Microsoft sabotaged efforts to connect Africans and equip them with GNU/Linux laptops
The Register is Using Linux-Hostile Clickbait in Articles of Linux Proponents: Don't be a "whore" to advertisers, team El Reg
Microsoft Windows in Cyprus Lacking a Future: Most people access the Web there from mobile
Matrix Has a Severe Problem With Illegal Images: If Matrix cannot get the CP problem under control, many projects and people will dump Matrix
Never Try to Justify Strangulation of Women (Not in the US and Not in the UK): Joint post by Mrs. Rianne Schestowitz and Dr. Roy Schestowitz
Links 23/04/2025: Tesla Profits Plunge 71%, Intel Ready to Lay Off 20% of Staff, Microsoft and IBM Layoffs: Links for the day
Microsoft's Most Profound Issue is That People Moved to 'Mobile' and "App Stores" (Microsoft's Presence There is Negligible): Expect a wild ride for Microsoft this year
Google News is Amplifying FUD and Lies About Linux (and OpenSSH/SSH) by Promoting Slopfarms With Machine-Generated FUD and Slop Images: Google should know better
Gemini Links 23/04/2025: Librarians, Anubis, and Refactoring a Gemini Capsule: Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Tuesday, April 22, 2025: IRC logs for Tuesday, April 22, 2025
Links 22/04/2025: Ending DEI Policies at Adobe, FTC Sues Uber: Links for the day
RMS is Done at KCL, Next Stop is Oxford: The message of RMS has long resonated well in India
US Government Already Bailing Out OpenAI/Microsoft With "Contracts", As Usual, Back Doors You Cannot Remove Becoming 'a Step Closer' on New PCs (Unless Everyone Acts ASAP): The next "logical" step towards digital prisons
Microsoft Devises PR Stunts to Distract From Impending Mass Layoffs and Likely Bad Results Preceding Those Mass Layoffs: A "voluntary exit plan"
Gemini Links 22/04/2025: Deaths, HamsterCMS, and More: Links for the day
Links 22/04/2025: FTC v. Meta Trial and Google Remedies: Links for the day
In Turkey, Windows Down Rapidly While GNU/Linux Grows: Although Turkey is in NATO (but not the EU), it cannot quite trust computer systems controlled by the United States
GNOME, Microsoft, and GitHub: The Lack of Reporting on Abusive Colleagues Contributed to Profound Media Vacuum (or Blackout), Now Resorting to SLAPPs: This lack of morality/courage has helped enable further abuse, lining up more victims
Richard Stallman Has Updated His Article on Why "Free Software Is Even More Important Now": Richard Stallman is about to give a talk here in the UK in a few hours
Microsoft Already Attacks the BSDs as Well (the E.E.E. Way, as Usual): Bearers of bad news
The Open Source Initiative (OSI) is in Trouble, May Soon be Out of Business: Openwashing needs to end
Microsoft's Debt Grew Over 6 Billion Dollars in the Last Reporting Quarter (Before Inauguration), Expect Worse Next Week When 'Results' Are Disclosed and Mass Layoffs Resume: Microsoft is bleeding. It does not want people to notice.
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Monday, April 21, 2025: IRC logs for Monday, April 21, 2025
Richard Stallman Gives Public Talk in London in 7 Hours (Need to Register as Venue Limited to 150 Seats), Public Announcements Begin to Appear: These are not announced weeks or months in advance

New Flaw in Windows Facilitates More DDOS Attacks

Recent Techrights' Posts