Bonum Certa Men Certa
Microsoft Hijacked Yahoo! from the Inside (Updated) | Stuffing It Up, Microsoft Edition

Eye on Microsoft: Another Messy Week for Security

The state of the botnet is a reality that can't be immediately escaped unless there is a large-scale disconnection of Windows-running PCs. However, rather than making steps in the right direction, the situation appears to be worsening.



This post is a quick roundup (due to time constraints) of the past week's developments, with special emphasis on complete comprise that brings the world SPAM, DDOS attacks, espionage, ransom, and wasted productivity.

Rise of the Zombies



Halloween is far behind, but the zombies are back.

Most of Srizbi's new command and control servers were located in Estonia and all of its domains were registered in Russia. For about 13 hours, some 100,000 or so infected machines had the ability to connect to those servers, though it's not clear exactly how many of them did so, since many of them were likely not powered on, Lanstein said.


IDG covered this too.

The zombie computers used to send spam are coming back to life.

Security vendors say spammers are reconnecting with hacked PCs used for sending spam as evidenced by a rising number of spam messages circulating on the Internet the last few days. Spam levels suddenly dropped two weeks ago after the shutdown of McColo, a rogue ISP (Internet Service Provider) based in San Jose, California, whose connectivity was used to control networks of hundreds of thousands of computers to send spam, known as botnets.


According to the following report, these botnets can easily increase their size by recruiting more nodes.

A new analysis of botnets has come up with a possible reason for their prodigious ability to infect PCs -- many anti-virus programs are near to useless in blocking the binaries used to spread them.


SPAM on the Rise Again



A recent statistic suggested that over 150 billion SPAM messages are sent per day. Biblical proportions by all means! Some of this can be intercepted at server level, but it increases load on the servers (and thus everyone's connection fees), not to mention the severe issue of false positives (especially affecting businesses that rely on E-mail).

With increase in botnet activity comes increase in SPAM that threatens small businesses.

The fight against spam rages on after a spike in spam levels following the shut-down of hosting service McColo. SMBs are particularly vulnerable to malware and spam; ensuring secure, spam-free email should be a prominent security interest.


This was also covered by the BBC.

Spam on rise after brief reprieve



Some 450,000 infected computers have been spotted trying to connect to the largest of the networks McColo hosted.


Worms Warming Up



More worm problems emerge:

1. Vulnerable Windows Machines Sitting Ducks for the Conficker Worm

First Microsoft, and now McAfee is warning Windows users to expedite the process of applying a patch for a Critical vulnerability in Server Service affecting both client and server versions of the operating system.

According to the Redmond company, all supported platforms are vulnerable, including Windows 2000, Windows XP (even SP3), Windows Vista RTM/SP1, Windows Server 2003, Windows Server 2008 and Windows 7. McAfee has indicated that users not deploying the patch are vulnerable, while Microsoft has already informed that it had detected active attacks and infections in the wild, following a period when exploits were just targeted.


2. Windows worm infection accelerates

Microsoft is currently observing an increase in the spread of a new Windows worm that exploits the known vulnerability in the RPC functions of the Server service to penetrate systems. The infection rate of Conficker.A worm is reported to be accelerating over company networks in particular. The Microsoft Malware Protection Center says most reports are coming from the USA, but customers in Europe, Asia and South America too are affected, and reports have also been received from several hundred home users.


3. Microsoft Warns of Worm Attack on Windows

Security researchers at Microsoft Corp. last week warned of a significant climb in exploits of a Windows bug it patched with an emergency fix last month, confirming earlier reports by Symantec Corp.

Microsoft again urged users to apply the MS08-067 patch if they have not already done so.


4. Microsoft Warns Of Attack Exploiting Windows Vulnerability

Specifically, the worm deletes any use-created System Restore points, and attempts to contact numerous sites, including those of Google, Yahoo, MSN and ask.com, to obtain the current date, according to researchers at the SANS Institute. The worm then uses the date information to generate a list of domain names, which it then contacts in an attempt to download additional malicious files onto a user's affected computer.


5. Microsoft warns of new Windows attacks

The new attacks, which Microsoft's Malware Protection Center said began over the weekend but spiked during the past two days, use the same worm that Symantec first spotted last Friday.


6. Microsoft: Worm Exploiting Networked Computers via HTTP

Microsoft informed in its most recent security bulletin that a worm dubbed Win32/Conficker.gen!A is messing around with computers across a network by exploiting a vulnerability in the Windows Server service, allowing remote code execution to take place while file sharing is enabled.


How did computing fall into this mess? Well, the following article magically vanished (we did try to find it again, to no avail), but its headline was (is) "Microsoft Not Rushing To Fix Vista Kernel Vulnerability." The disappearance of this article might be innocent, but it still raises a brow.

We covered this last week. Even when severe flaws are found, Microsoft will leave them unpatched unless or until there is an attack exploiting them, i.e. when it's too late. It is not only vain but it's also irresponsible. It also enables Microsoft to 'massage' and lie about security using meaningless figures [1, 2, 3].

Once infected, nothing on a machine can be trusted, as proven by this new report.

A DANGEROUS new variant of malware is attacking PCs in the UK, the INQ has discovered. It hijacks the victim's browser and directs them to a fake site masquerading as AVG's own front page.


Needless to say, without radical change, things are bound to get worse before they get better. It's time for consideration of secure platforms.

Fire alarm

Comments

Microsoft Hijacked Yahoo! from the Inside (Updated) | Stuffing It Up, Microsoft Edition

Recent Techrights' Posts

IBM May Well Be Laying Off Over 13,500 and Up to 27,000 Staff This Week When It Says "Single-Digit Percentage of Our Global Workforce"
It's not yet possible to know how many people IBM gets rid of
Early Unverified Figures About Scale of Latest IBM Layoffs
the real scale of the RAs will remain elusive
How Techrights Search Works
Hopefully bots won't use it
Techrights Became a Lot More Productive as a Result of Attacks on It
By default, it's safe to assume anything on the Web is garbage, especially in social control media
Unverified Rumours: IBM Cuts Will Continue Another ~10 Days, Managers Will Invite Those Impacted for 1-on-1 Meetings
Right now IBM likes diversity because with adoption of low-paid demographies it gets to pay workers less for the same work
analytics.usa.gov: Vista 11 Scarcely Used, GNU/Linux Increasingly Dominant (Microsoft Loses "Goodwill", Depletes Cash Equivalents, and Debt Soars)
"Total current assets" fell by more than 2 billion dollars in the past 3 months
Not Only Mass Layoffs at IBM But Complete Shutdowns "Amid A.I. Boom"
apparently about 10,000 layoffs, not counting those who got pushed out by PIPs and other means
 
Gemini Links 05/11/2025: Affirmation, GnuPG, and While Loops
Links for the day
Links 05/11/2025: Economic Trouble in France and US Bombing All Over the World Without Declaration of War or Congress Approving
Links for the day
Red Hat Staff Also Impacted by Latest IBM Layoffs With Focus on North America and Software, Infrastructure
After the bluewashing never expect to see news about "Red Hat layoffs", just as "Tivoli layoffs" aren't to be expected
Coming Soon: Part 4 About the EPO's Substance Abuse (Breaking Laws to Fake 'Production' and Profiting From Unlawful Monopolies)
Notice how quiet the EPO's management has been lately
For the Record: We Never Named Staff of the Law Firm That's Attacking Us, Except the One the Firm is Named After!
Just to affirm and be sure, I've used our new search facility
Links 05/11/2025: Medicare Privatisation and "Breaker Box Economy"
Links for the day
Techrights Search Will Come Early
Maybe tomorrow
It Seems Like GNOME/IBM Don't Like Women and When Budget is Limited Only Women Take the Fall
Seems like a very patriarchal, GAFAM-controlled Foundation
"Last Day" as in "IBM Sacked Me" (Cruel Euphemisms)
"The entire design and research technical leadership at IBM was laid off in the past year, including this round"
Shadow Crew and Ads Disguised as Articles
That The Register MS runs articles that are paid-for fluff isn't unprecedented
Vista 11 "Market Share" Has Fallen This Month, Based on statCounter
The US government's own data shows the same thing this month
This is How Mainstream Media, Boosted or Parroted by Slopfarms, Spins IBM's Commercial Failure and Mass Layoffs as "AI"
Some say "software focus", but most just resort to buzzwords and blame-shifting hype
Resisting Misogynists
Rianne has already added close to 100,000 pages to this site
Starting November on a Strong Note
All in all, this month started well for us as we have good, accurate publications with considerable impact
Fake Retirements Help IBM Keep the Layoff Figures Down
Yesterday we read that it was quite cruel how IBM (or Red Hat) compelled staff to pretend to be happily leaving or "retiring" when the reality was, they had been pushed out with some "package"
Cocaine at the European Patent Office Now a Subject in YouTube, Media Will Revisit the Topic
"The Cocaine Patent Office" is no joking matter
Gemini Links 05/11/2025: "Wuthering Heights" and "Winter is Coming"
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, November 04, 2025
IRC logs for Tuesday, November 04, 2025
2 Days Until Site Anniversary Party, Search Likely to Launch Same Day
We're now just two days away from the nineteenth anniversary of the site
Richard Stallman's 2005 Article on Why Patents on Software Should be Denied
If patent law had been applied to novels in the 1880s, great books would not have been written. If the EU applies it to software, every computer user will be restricted, says Richard Stallman
"Last Day" at IBM and Red Hat as "Stealth Layoffs" (They Force People to Pretend It's Wilful)
So the real extent of the layoffs is being kept 'undercover'
Slopwatch: The WebProNews Slopfarm and the Serial Slopper
The Web is ill
Links 04/11/2025: Tensions Around Belarus Grow, Turkey’s Hype-inflation Continues
Links for the day
Corporate Media That Fails to Report Cocaine at EPO is Totally Failing to Report Mass Layoffs at IBM
How come nobody anywhere writes about this week's RAs?
Search @ Techrights: Almost There Now (Maybe an Anniversary Gift)
Just to be very clear, search would not be unprecedented at Techrights
At IBM, Layoffs Start at 1AM (at Night)
not a single English-speaking site covers the news about the layoffs
Links 04/11/2025: Google Cloud Account Engages in Censorship of the Innocent, arXiv Spammed by LLM Slop
Links for the day
EPO Cocaine Chronicles: Our Aim Will be to Ensure This Becomes a Mainstream Media Topic, Not a Suppressed Scandal (Which the German State Deems Embarrassing and Detrimental to Its Pan-European Patent Franchise)
At the EPO, and perhaps in German media as well, people "fall upwards" (they get rewarded for bad things)
Envy Makes People Do Self-Harming Things (and Harm to Others)
Online communities that can be deemed successful are built around trust, mutual respect, and collective accomplishment
Static Site Generators (SSGs) Made Techrights Better, Faster, Easier to Manage
Consider adopting SSGs if you still use a CMS such as WordPress
But he Was Born in Manchester! (Origin Stories)
Borussia Dortmund does not exist!
What Julian Darley Wrote About the Stallman Talk Regarding "AI" in Oxford (2025)
From LinkedIn (Microsoft)
GNU/Linux is American, Not Finnish
It started in Boston, not in Helsinki
'Hacker' 'News' Makes Dumb Assertions Against Smart People
A logical fallacy
We Turned Down Every Settlement Offer Because Truths Aren't Determined in Bank Accounts
Without free press, there won't be free society
"All truths are easy to understand once they are discovered; the point is to discover them." -Galileo Galilei
This site is educational
Why I'm Always Proud of the Site I've Devoted My Life to
As a graffiti around the corner from our home says, "be a better person"
Standing Up or Standing for What's True But Inconvenient
Bad actors need to be called out
Many People Have Said That They "Leave" IBM in Recent Days (Ahead of Mass Layoffs)
So the real extent of layoffs is greater than what's publicly stated (there are silent layoffs) [...] Whatever IBM says about the scope, scale, or magnitude of the "RAs", it doesn't tell the full story
Media Coverage Regarding IBM is Vapourware and LLM Slop
With slop images, too
statCounter Says GNU/Linux Rose to 4% in the Russian Federation
Adoption of Vista 11 has been embarrassingly weak
Corruption is Not a Joke
we'll try to limit our use of humour to avoid misunderstandings or misinterpretations
The Slopfarm WebProNews is Overwhelming "linux" Results in Google News
Google News is slop
The Fall of IBM: What Happened?
Just like the EPO continues riding some old reputation acquired in the 1970s IBM relies on old myths like, "nobody gets fired for buying IBM."
IBM's CEO Already Has the Excuse for the Latest Wave of Mass Layoffs
Only days ago the CEO told a bunch of nonsense
Links 04/11/2025: Conflicts, Politics, and IPv6 at Home
Links for the day
Gemini Links 04/11/2025: Entering WiFi Passwords and Programming Rambles
Links for the day
Arch Linux Seems Like the New Debian
Arch users (btw!) are growing in relative and absolute share
Analytics From US Government Affirm a Trend: Microsoft's "Market Share" in Search is Falling
the data set is large
Holding Institutions Such as the EPO Accountable Through Public Information
Speaking truth to power is never easy
Techrights Will Contact German Media About the EPO's Substance Abuse
This scandal won't "go to waste"
EPO Staff Losing Holidays, as Usual, as the Office Increases Profits by Illegally Granting Invalid Patents While Reducing Salaries
How much more can the staff endure and generally tolerate?
Free Software Does Not Always Speak for Itself, It Needs Advocates
Legal matters that relate to sharing of code will be discussed
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, November 03, 2025
IRC logs for Monday, November 03, 2025
The Register MS Continues Looking for Money in Promotion of the "AI" Ponzi Scheme
That The Register MS participates in this deceit rather than tackle/debunk it says a lot about The Register MS
IBM Layoffs in "Software", This Likely Impacts Red Hat as Well
Many people say "software" people are impacted
Escaping Proprietary Software, Not Just Escaping Microsoft
To take control of your life adopt GNU/Linux
A Lot of Fake News About Microsoft Headcount (Also: Microsoft's Debt Rose by About 24 Billion Dollars in Past 12 Months)
If you see some headline about Microsoft's CEO making claims about hirings, look away
Techrights Turns 19 in Three Days
It would be nice to meet for a chat
Akira Urushibata on How Grokipedia Fails to Work
The Grokipedia article gives the wrong character for the "Ko" on "Koan"
Links 03/11/2025: Data Breaches, Wars, and Digital Censorship
Links for the day
Gemini Links 03/11/2025: Poetry, Old Androids and Small Shells
Links for the day
The Rumour Was True, Mass Layoffs at IBM Today
How widespread the layoffs are (or how they're disguised, e.g. PIPs) is hard to assess
Links 03/11/2025: Internet Anniversary
Links for the day
Two Years of Uptime
Reboots are seldom involuntary
Richard Stallman is Giving Another Talk in Less Than a Fortnight
in two weeks' time (13 days from now)
Windows Falls Below 20% in the UK
Many people choose to leave Windows altogether
Microsoft's Search Business Falls to Lowest Point in 2 Years, Based on statCounter
what can Microsoft sell other than shares in Microsoft?
Evidence Regarding Layoffs at Red Hat
Seems like IBM layoffs
Microsoft: Our "Goodwill" Value Grew More Than Tenfold Since 2011
Hallmark of pseudo-economics
GNU/Linux as a Boarding Pass
being mostly analogue is still feasible
Links 03/11/2025: Lack of Trust in LLMs and Windows TCO at Jaguar
Links for the day
Gemini Links 03/11/2025: Books in October and Change
Links for the day
Mozilla Firefox Won't Survive and Many Sites Don't Work With It (Compatibility Abandoned)
The Web has become monocultural
Debian is Non-Free
Devuan might be worth looking into
Slopwatch: Brian Fagioli and LinuxSecurity
This is a real problem and most certainly a big problem because when people try to find real information about security and GNU/Linux they instead read "word salads" made by bots
Four Reasons to Party With Us in Four Days, Celebrating the Four Freedoms
Today we expect to be back to a more-or-less regular publication pace
Links 03/11/2025: The "Smartphone Panopticon" and Belarus' Hybrid Attacks on EU Intensify
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, November 02, 2025
IRC logs for Sunday, November 02, 2025