Microsoft Botnets: The Chaos Continues

Dr. Roy Schestowitz

2009-01-18 23:50:49 UTC
Modified: 2009-01-18 23:50:49 UTC

Zombie
Fear not the Windows zombies

There are many ways to "Suck at Information Security", but one easy way is to choose a platform that leads to entire military bases getting cracked.

The British military is one of the very few which choose this tactless route even for nuclear submarines and it costs it dearly.

Virus ‘sends RAF e-mails to Russia’

THE Ministry of Defence is investigating a major breach in security amid claims that all e-mail traffic from a number of RAF stations has been sent to a Russian internet server.

The e-mails were allegedly diverted to the Russian sender by a worm virus that entered the MoD systems 12 days ago bringing down computers and blocking e-mail communications across the military.

The world is already filled with about 320 million Windows PCs that are zombies, so what's another massive botnet anyway?

New Botnets Replace Vanquished Pests

Although the shutdown of a California Web hosting company eradicated several prominent botnets last year, others have stepped up to fill the gaps, a security researcher says.

Gone from the landscape, said Joe Stewart, director of research at Atlanta-based SecureWorks Inc., are "Srizbi" and "Storm," the botnets Stewart ranked as No. 1 and No. 5, respectively, in an April 2008 botnet census.

How can anyone combat Windows worms that appear all the time in new forms?

A variant of a malicious worm that targeted Microsoft Windows now is spreading via USB sticks, researchers say.

Security company BitDefender Labs, based in Bucharest, Romania, detected the Windows worm variant in late December. The original worm known as Win32.Worm.Downadup, first made its appearance in late November, exploiting a Microsoft vulnerability in the Windows RPC Server Service. Since then, it has rapidly spread across numerous corporate networks with the aim of distributing malicious software on susceptible computers.

Even an Instant Messaging (IM) program is no longer safe because Microsoft turned simple communication protocols into something that can invoke unknown executables.

Internet MSN users are warned. Some programme writers are now using IM to spread malicious programs such as viruses and worms. These viruses can spread when a person opens an infected file, such as pictures of pornographic nature, that is sent through IM by someone who appears to be a contact.

Why is a program for exchange of text leading to the running of untrusted code? This is an architectural deficiency that would prove costly. Outlook and ActiveX are almost perfect examples and they requires no social engineering to lead to a raft of menaces. ⬆

"Our products just aren't engineered for security."

--Brian Valentine, Microsoft executive

Comments

Needs Sunlight

2009-01-19 14:15:50

The recurrence of MSN worms ought to be a warning that it's past time to switch IM protocols and networks, for those still in the stoneage.

MSN, live.com, and any other worm site ought to be blocked at the firewall. Same for ports used by MS Messenger.

XMPP and Jabber are the next-generation chat/messenging protocols. Use them or lose out.
The Mad Hatter

2009-01-20 02:09:48

And of course whenever a worm/virus/security hole is mentioned in the news, they never mention that it's a Microsoft only problem, and if you point this out to the news media, they don't take any action. The fact that Microsoft is often one of their major advertisers has nothing to do with this of course.
Roy Schestowitz

2009-01-20 03:07:51

Here's an E-mail that I received this morning (for sharing):

Hi, Roy,

Here's an example of pro-MSFT spin on headlines. All it takes is one bad member on the editorial team and an entire publication can be compromised, like here:

http://www.cnn.com/2009/TECH/ptech/01/16/virus.downadup/index.html?eref=rss_tech" title="Downadup virus exposes millions of PCs to hijack

The title is "Downadup virus exposes millions of PCs to hijack". If we stick with the standard usage of the verb "expose" then the correct title is "Windows exposes millions of PCs to hijack"

Had it been a Linux worm, there would probably be a different headline, no? The mythology of Microsoft is that "all computers" are not secure and "Windows is the standard".

Greener Pastures for Free Software Users: This coming week we'll publish many articles about GNU/Linux and technical means of/for user empowerment
Google News, Which We Call Gulag Noise, is Following the New York Times Into the Digital Graveyard: It merely gives an illusion of volume and instead of giving readers more stuff to read it wastes people's time
Over at Tux Machines...: yesterday's posts
Software Freedom is the Future and Microsoft is the Biggest Obstacle: GNU/Linux, at its roots, was all about Software Freedom
The GNU/Linux Revolution Ain't Here. Look at Brazil, Russia, India, China, and South Africa (BRICS) Instead.: The revolution won't be televised
Chaffbot Effect: Microsoft Bing Falls to Lowest Share in Two Years (Amid Loads of Bing Layoffs This Year): Press outlets mostly failed to report that Bing is collapsing
GNU/Linux Distributions as "Appliances" and DRM Platforms (the Case of ChromeOS and SteamOS): Is this what we envisioned in the 1980s and 90s?
Fulfilling the Site's Full Potential: We remain devoted to the aforementioned goal of posting more original material
Over at Tux Machines...: 2 days' worth
IRC Proceedings: Monday, October 02, 2023: IRC logs for Monday, October 02, 2023
Daily Bulletins Coming Soon (Hopefully as Early as Next Week): Today we finish testing IRC logs and their upload to Gemini, not just to IPFS
Links 02/10/2023: NUC, GTK Themes, and More: Links for the day
New Union Syndicale Articles About the European Patent Office: We'll probably get back to regularly writing about the EPO in the near future
If WordPress Knows Well Enough to Self-Host Its Podcast, Why Can't GNU/Linux Shows Do the Same?: For those who want videos and podcasts, here are today's latest additions from other sites
Richard Stallman Can Outlive Many of His Prominent Haters: M.J.G. tried hard to take our Web site offline, based on lies and repeated threats
Forget VSCode (Microsoft's Proprietary Spyware), Use KATE Instead: KATE is great
Sometimes It's Time to Reboot: No, not Android. KDE.
Upcoming Talk by Dr. Richard Stallman: Large Language Models Are Not Artificial Intelligence: LLMs aren't truly intelligent and cannot quite grasp what they spew out
GulagTube is a Burning Platform (Exit YouTube, Invidious Won't Save Us From Google/Alphabet in the Long Run): Alphabet Agency (Google) sees the future of video as a "skinnerbox" (running Android) that indoctrinates you like TikTok does
Microsoft's Demise in the Global News Cycle is Rather Telling: It should be noted that Microsoft is, in general, no longer prominent or dominant in news headlines
Gemini Migration and Backup Capsule (Archive): At the end we'll end up with something a lot better than before and latency should be massively reduced
Links 01/10/2023: Science, Education, and pro-Russia Slovakia Leadership: Links for the day
IRC Proceedings: Sunday, October 01, 2023: IRC logs for Sunday, October 01, 2023
Links 01/10/2023: Climate, Patents, Programming, and More: Links for the day
Apple and Microsoft Problems: half a dozen links
Malware in the Ubuntu Snap Store, Thanks to Canonical Bloatware Mindset: Reprinted with permission from Ryan Farmer
Gemini Rising: There are 3523 capsules
Richard Stallman Gave a Talk Yesterday, Will Give Another Talk Today, and Will Give Two More Talks in Germany Later This Week: Those cover at least 2 different topics
Beware the Microsoft Sharks: We won't forgive and forget
IRC Proceedings: Saturday, September 30, 2023: IRC logs for Saturday, September 30, 2023
Don't be Afraid of the Command Line, It Might Even be a Friend: There's a tendency to think that only graphical interfaces were made to simplify usage, and any declarative interface is by design raw, inherently unfit for usage
One Positive Note About GNU/Linux Coverage in 2023 (Less Microsoft): GNU/Linux users do not want this, with very rare exceptions
Snaps Were Never Good at Security, But the Media Coverage is Just Appalling: The media should focus on culling Windows, not making a huge fuss over minor things wrongly attributed to "Linux"

Microsoft Botnets: The Chaos Continues

Virus ‘sends RAF e-mails to Russia’

New Botnets Replace Vanquished Pests

Comments

Recent Techrights' Posts