New Flaw in Windows Facilitates More DDOS Attacks

Dr. Roy Schestowitz

2010-07-27 22:03:18 UTC
Modified: 2010-07-27 22:03:18 UTC

Summary: Shoddy Microsoft software continues to provide opportunities for disgruntled people to attack and take down servers they dislike

ANY Windows botnet which is enabled by "Zeus" (Zeus is known to be a cause of DDOS attacks) is already taking advantage of Microsoft's latest severe flaw which affects even fully patched Windows:

Miscreants behind the Zeus cybercrime toolkit and other strains of malware have begun taking advantage of an unpatched shortcut handling flaws in Windows. It was first used by a sophisticated worm to target SCADA-based industrial control and power plant systems.

No patch is available yet:

Security researchers have found more malware exploiting an unpatched Windows vulnerability via .LNK shortcut files.

According to Sophos blog July 23, two other pieces of malware have been observed targeting the bug. One is a keylogging Trojan the company is calling Chymin-A that is "designed to steal information from infected computers." The other is Dulkis-A, a "worm written in obfuscated Visual Basic" that contains several subcomponents.

More here:

Slovakian security firm Eset reports the appearance of two malware strains that exploit security vulnerabilities in the way Windows handles .lnk (shortcut) files, first used by Stuxnet to swipe information from Windows-based SCADA systems from Siemens.

We covered those SCADA incidents earlier today. This has a serious impact on the world's energy, not to mention those BP BSODs which we've already covered in [1, 2, 3].

The damage costs a lot of money and time (which can be equated to money) and the security world is "ill-equipped to solve digital whodunnits," reports The Register.

“A lot of those efforts are very unqualified and pedestrian,” said Parker, who is director of security consulting services at Washington, DC-based Securicon. “There's really not any science behind the efforts that many people have been making recently that have resulted in stories like China is attacking us, Russia is attacking us, Korea is attacking us.”

It is really hard to know where DDOS attacks come from these days. People don't control their Windows PCs, which can be hijacked and chained back to some botmasters whose interests are not known.

Georgia has an unfortunate DDOS story to tell about its national infrastructure; after years of investigation it is still not perfectly clear if the Russian government had something to do with it or not. One youngster claims responsibility, but can he be believed? It can be hard to verify. And if one youngster can paralyse an entire nation, what does that teach us about those Windows zombies he used? ⬆

Microsoft Mass Layoffs Without Severance Pay Reported Hours After Microsoft Reported Weak Numbers and Microsoft Stock Fell: Microsoft has a bloodbath this month
Another Slew of Fake Articles About 'Linux' and 'Security' From Brittany Day at linuxsecurity.com (Spamfarm/Slopfarm): linuxsecurity.com is basically a pariah and parasite. It lessens the incentive to write real articles about "Linux" by generating fake ones to outrank the originals.
IBM: Many Thousands of Layoffs in 2025: If 2025 is expected to be the same, then perhaps about 20,000 IBM workers will no longer be there
The Free Software Foundation (FSF) Raised $422,000 (Another $22k in the Two Weeks After Campaign Ended), Proving That Truth and Justice Tend to Find a Way: 10,000+ dollars a week even without campaigning for more funds
Faking Revenue Increase by Buying Your Own Products and Services (Through Scams and Scammers Like Scam Altman): Is this what society deserves? Media that instead of exposing corruption has chosen to participate in it and profit from it?
Links 30/01/2025: Fentanylware (TikTok) Causes Deaths, FBI Seizes Domains: Links for the day
Gemini Links 30/01/2025: Action vs Inaction, Gopherholes, and More: Links for the day
Links 30/01/2025: Microsoft Wants Convicted Felon to Give Fentanylware (TikTok) to It (After Making a Phonecall Asking for That in 2019), "Moving Away From Google's Ecosystem": Links for the day
Jack M. Germain (LinuxInsider) Seems to Have Turned to LLM Slop, Graphics Slop, and B2B SPAM: LinuxInsider is barely active anymore
Links 30/01/2025: Amazon Layoffs and DeepSeek Panic: Links for the day
Gemini Links 30/01/2025: Chaos Reigns, E-mail, Searching: Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Wednesday, January 29, 2025: IRC logs for Wednesday, January 29, 2025
Google: Your Only Option is Google YouTube (Coming Soon: Mandatory DRM and Attestation?): Digital Restrictions (DRM) to follow? Only for "approved" (attestation) browsers?
Mastodon Was Always Biased (Just Like Twitter After Abandoning Chronological and Neutral Timelines in Order to Become More Like Facebook): So bury-brigading and click-farming control what people see
Certificate Authority Let's Encrypt Falls to Only 0.4% of the Total in Geminispace: Geminispace does not need to outsource trust
The Munich-Based EPO is Still Using a Platform That Promotes the Far Right and Rehabilitates Nazism: Active Twitter account
Links 29/01/2025: Dismantling Public Health in the US, Air Busan Plane Up in Flames (South Korea's Air Disasters Streak): Links for the day
Announcements and Administrivia: This week we're going out for two days in a row to celebrate an achievement that's very respectable
Gemini Links 29/01/2025: Japan, GTD, and More: Links for the day
Sir, Yes, Sir. The Life of EPO Patent Examiners.: If working for the EPO makes it harder to sleep at night, take action
How the EPO Pressures Staff Into Minting More Monopolies (Patents), Even Illegal Ones That Harm Europe and Ultimately Dismantle the Rule of Law: insights into the pressure examiners are under
LLM Slop Machines Are Not a Win for "Open Source" and If They Get Cheaper, It's Even Worse: If some program that claims to be "Open Source" pollutes the Web with fake articles (Microsoft SPAM and fake "Linux" articles), whose win is it?
Links 29/01/2025: Data Privacy Day and Growing Tensions in Europe: Links for the day
Nazi Twitter (aka "X") Became a Troll Site That Lets People Buy a Blue Tick While Its Boss Actively Promotes Neonazi Politicians: the intellectual level of people who infest the Web through "Twitter" or "X"
This is Why They're So Afraid of Richard Stallman (He Tells People the Correct History): Then they post about it to Microsoft's LinkedIn
Richard Stallman Speech in Bengaluru, "Silicon Valley of India": 62 years have passed since his "young nerd" days and he's still at it
Claim: Facebook Deletes Posts of IBM Red Hat Critics: As always, follow the money (advertisers)
Links 29/01/2025: Climate Crisis and "It’s time for the Xbox to fade away" (Microsoft Lose): Links for the day
Links 29/01/2025: Buying Groceries During a Trade War, Political 'Retro': Links for the day
More Illegal Patents at the EPO, Legality of Granted European Patents No Longer Matters to the Office: breaking the law for profit
Network Improvements Tomorrow: "Network maintenance" down in London
Sharing is Caring (But Advocating Copyleft Makes You a "Target"): GPLv3 does not close all the loopholes which the "Affero" helps close
Articles About Free Speech at Facebook: 'Facebook vs Linux' story is now receiving a lot more media coverage
We Were Right About stallmansupport.org Making an Error by Joining Social Control Media. mastodon.social Suspends stallmansupport.org.: From what we can guess, accounts can be banned by some oversensitive admin or a mob of users ("bury brigades")
"Latest Technology News" in BetaNews Still LLM Slop and SPAM Composed by LLMs (It's Basically a Spamfarm Disguised as a News Site): Only a fool would visit BetaNews in search of actual news
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Tuesday, January 28, 2025: IRC logs for Tuesday, January 28, 2025
The EPO's Corruption, If It Remains Untackled, Helps the Far Right and Enemies of European Unity/Solidarity: Do not negotiate with evil
The Web, Including Wikipedia, Gets Filled With Lies About Bill Gates, Added by Bill Gates and His PR Team: Of course Wikipedia is funded by Gates
Facebook Banning Linux Sites (or People Who Link to Linux Sites) is Another Symptom of the Web's Demise: The state of media on the Web is really bad; Social Control Media amplifies the badness, as Facebook serves to show
Gemini Links 29/01/2025: Neovim Telescope and Writing Less: Links for the day
Links 28/01/2025: Chaffbot as Commodity Fad, New Import Restrictions in Thailand: Links for the day
Links 28/01/2025: "Against Social [Control] Media", "Smart" Buses' Ticketing System Cracked: Links for the day
[Video] Richard Matthew Stallman (RMS) in India, Talking About Proprietary Software's Dangers Only Yesterday: WebM file
Gemini Links 28/01/2025: Thinking About Not Much, Computing Fatigue, the Curse of JavaScript: Links for the day
"SuccessFactors" (SAP) Stunts at the EPO Used to Break Laws and Constitutions, Staff Tricked Into Harming Themselves: Ongoing corruption and lawlessness became the norm; Europe's second-largest institution (EPO) along with the largest institution (EU) has its very own Minsk
The GNU Manifesto Turns 40 in a Few Weeks: The FSF turns 40 later this year, too
Continued Support and Momentum at the Free Software Foundation (FSF): "This helps protect our community."
Another Talk by Richard Stallman Tomorrow, This Time in Bengaluru: This means that in January 2025 he is giving at least 5 public talks
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Monday, January 27, 2025: IRC logs for Monday, January 27, 2025

New Flaw in Windows Facilitates More DDOS Attacks

Recent Techrights' Posts