New Flaw in Windows Facilitates More DDOS Attacks

Dr. Roy Schestowitz

2010-07-27 22:03:18 UTC
Modified: 2010-07-27 22:03:18 UTC

Summary: Shoddy Microsoft software continues to provide opportunities for disgruntled people to attack and take down servers they dislike

ANY Windows botnet which is enabled by "Zeus" (Zeus is known to be a cause of DDOS attacks) is already taking advantage of Microsoft's latest severe flaw which affects even fully patched Windows:

Miscreants behind the Zeus cybercrime toolkit and other strains of malware have begun taking advantage of an unpatched shortcut handling flaws in Windows. It was first used by a sophisticated worm to target SCADA-based industrial control and power plant systems.

No patch is available yet:

Security researchers have found more malware exploiting an unpatched Windows vulnerability via .LNK shortcut files.

According to Sophos blog July 23, two other pieces of malware have been observed targeting the bug. One is a keylogging Trojan the company is calling Chymin-A that is "designed to steal information from infected computers." The other is Dulkis-A, a "worm written in obfuscated Visual Basic" that contains several subcomponents.

More here:

Slovakian security firm Eset reports the appearance of two malware strains that exploit security vulnerabilities in the way Windows handles .lnk (shortcut) files, first used by Stuxnet to swipe information from Windows-based SCADA systems from Siemens.

We covered those SCADA incidents earlier today. This has a serious impact on the world's energy, not to mention those BP BSODs which we've already covered in [1, 2, 3].

The damage costs a lot of money and time (which can be equated to money) and the security world is "ill-equipped to solve digital whodunnits," reports The Register.

“A lot of those efforts are very unqualified and pedestrian,” said Parker, who is director of security consulting services at Washington, DC-based Securicon. “There's really not any science behind the efforts that many people have been making recently that have resulted in stories like China is attacking us, Russia is attacking us, Korea is attacking us.”

It is really hard to know where DDOS attacks come from these days. People don't control their Windows PCs, which can be hijacked and chained back to some botmasters whose interests are not known.

Georgia has an unfortunate DDOS story to tell about its national infrastructure; after years of investigation it is still not perfectly clear if the Russian government had something to do with it or not. One youngster claims responsibility, but can he be believed? It can be hard to verify. And if one youngster can paralyse an entire nation, what does that teach us about those Windows zombies he used? ⬆

Gemini Links 25/10/2025: Portugal, Midnightpub, and "Tech Right Admins": Links for the day
Almost 2026 Already (When We Turn Twenty): In just over a year the site will turn 20
When "Sponsored Feature" in The Register MS Means Ponzi Scheme Promotion From the Communist Party of China (CPC): the promotion of a financial scam
Week of EPO Leaks: Workers of the EPO Are Getting a Pay Cut While Prices Rise Fast: More to come in the next few days
Microsoft is Finally Giving Up on XBox, The Chief Says the Grapes Are Sour Anyway: Microsoft loses hundreds of dollars on each XBox that it sells
Slopwatch: LinuxSecurity, UbuntuPIT, and Various Slopfarms Propped up by Google News: Why can't Google News do better than this?
Links 25/10/2025: Two New Smokescreens for Scam Altman and ‘TikTok USA’ Remains in Limbo: Links for the day
Bad faith: can't change Debian Social Contract (DSC) without unanimous consent of every joint author: Reprinted with permission from Daniel Pocock
Confirmed: Very Close Friend of Bill Gates and Microsoft's Biggest Patent Troll Nathan Myhrvold Flew the Lolita Express (a Gateway to Pedophilia), According to Bill Gates-Sponsored Seattle Times: There is no speculation or any "conspiracy theories" here;' those are verified facts
Gemini Links 25/10/2025: "The Highest Leader of The Global Civil Society Community", SSL Certificates Causing Bitrot: Links for the day
Links 25/10/2025: Target Layoffs and "Shutdown Sparks 85% Increase in US Government Cyberattacks": Links for the day
"Big Data" Was a Big Lie: Remember "Big Data"? Remember "Data Scientists"...?
statCounter Has Been Broken for a Long Time: Considering the huge proportion of Web requests that come from LLM bots (more so this past year or two), statCounter may struggle to justify the operating costs
Techrights Anniversary Party on November 7th: Let us know if you need any accommodation-related arrangements
Trends That Must Alarm Microsoft and Mozilla: Expect Firefox to no longer be supported by various sites in the US
Why Microsoft Became the Layoffs Leader: The corporate media is projecting or signalling its own dishonesty when it tells us that Microsoft is a very "valuable" company while the data shows Microsoft is also a "market leader" in layoffs
Speaking for Ourselves and Letting the Facts Speak for Themselves: we've already published over 50,000 pages
For Second Time in a Day The Register MS Takes Money From Private Companies to Sell a Ponzi Scheme: Do not have empathy for those who have zero empathy towards you
IBM is Misleading IBM Shareholders: IBM is still all about vapourware and buzzwords
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Friday, October 24, 2025: IRC logs for Friday, October 24, 2025
The Serial Slopper Starts Up - or Restarts - His Plagiarism Machine (LLMs): Serial Sloppers like these don't belong in news sites. That's why he got sacked by BetaNews.
Links 24/10/2025: Esperanto Music History, Anxiety, and New Portals: Links for the day
[Video] Richard Stallman's Talk in Sweden, Attended by Nearly 700 People, is Now Online: The Web page is in Swedish, but the talk is in English
Slopwatch: LinuxSecurity.com, Linux Journal, and Pet Slopfarms of Google News: Why does Google News still advance these fake sites to the top of search results?
Links 24/10/2025: Inequality Grows, Billion-Dollar Scam Center Industry: Links for the day
Links 24/10/2025: "Independent Media in Cambodia is Collapsing" and Serious F5 Breach: Links for the day
Coping With the Site Going More Mainstream: Fame is no laughing matter
They Never 'Put Down' Corporations: There are "pests" that are traded in Wall Street
21 Pages in Less Than 7 Hours is No Joking Matter: We've become a lot more effective and efficient
Correct Information is a Valued Asset in the Age of Slopfarms and Public Relations (PR) or Spin: Publishing suppressed facts is never easy
The Register MS Continues to Bag Money to Promote a Ponzi Scheme, Even Money From China: Today in the front page
analytics.usa.gov: The Only Supported Version of Windows (This Past Week) is Only Used by About 13.9% of People in the US, the Home Base of Windows: Even Vista 7 is still used more
Rust is Very Secure: If only Rust itself is secure
Who Will be Held Accountable for Breaking Ubuntu by Imposing Rust on Otherwise-Functional Programs, in Effect Replacing GNU With Proprietary Microsoft (GitHub)?: they're practical people who merely point out that a bunch of buffoons not only ruin Ubuntu but also every future distro based on Ubuntu
Generation Chaff - Phase VIII: In Summary: Like "Science" with a capital "S", what we see here commercial interests usurping everything
Generation Chaff - Phase VII: Curtailing Alternative Media: There was always an obligation - a collective duty of sorts - to uphold independent journalism
Generation Chaff - Phase VI: Centralisation of Information (X, Cheetok/Fentanylware): Would you trust information when controlled by such people?
Generation Chaff - Phase V: Censorship of Dissent (Painted as Harassment or Terrorism): Censorship is all around us now
Generation Chaff - Phase IV: Apps Only Few Companies Decide On: Tools are being collectively confiscated, under the premise or false prospect of "security"
Generation Chaff - Phase III: Slop and Plagiarism: A lot of the current so-called 'economy' is built upon false valuations
Generation Chaff - Phase II: "Cloud", Blockchains and Other Hype: For those of us who turned down those propositions there was a struggle; we needed to justify not having skinnerboxes or "social" accounts in some site run by a private company
Generation Chaff - Phase I: Social Control Media: IRC predates the Web
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Thursday, October 23, 2025: IRC logs for Thursday, October 23, 2025
More Clues Shed on Collapse of Microsoft XBox: XBox is basically circling down the drain as Microsoft implements 2-3 waves of layoffs each month
'Vibe Coding' Doesn't Work: In a lot of ways, so-called 'Vibe Coding' is already considered vapourware or a passing fad promoted in the media by managers who try to justify mass layoffs, especially ridding companies of "very expensive" software engineers
Links 24/10/2025: Microsoft's Killing of XBox Connected to Revenue/Profit Problems, "How Elon Musk Ruined Twitter": Links for the day
Gemini Links 24/10/2025: 86,400 Seconds and "Society's Task": Links for the day
Slopwatch: Google News and Slopfarms That Relay Nonsense From LLMs: Google News, which once prioritised or used to care about provenance and quality, is feeding slopfarms
Links 23/10/2025: More Health Concerns Over Dumb Chatbots (LLMs) and "Talking Cars" as Latest Buzz: Links for the day
Gemini Links 23/10/2025: Daylight Savings Time and Duration Shorthand: Links for the day
Links 23/10/2025: LLM 'Hallucinations' (Defects) in Practical Code 'Generation', China Becomes More Economically and Technologically Independent: Links for the day
Why We Support Richard Stallman and You Probably Should Too: It's not about being "Richard Stallman fan", it is about maintaining the right to hold positions (on technology) like his
Linux Foundation Uses LLM Slop to Promote Microsoft in Linux.com (Again), Rendering It a Linux-Hostile Slopfarm: Openwashing with slop by "Linux.com Editorial Staff", which basically seems to be a bot
Some Large German Media Covers Richard Stallman's Talks in Germany Earlier This Week: LLM-based chatbots are just "bullshit generators" (as he has long called them)
Links 23/10/2025: Windows TCO Galore and "The Internet Is Going to Break Again": Links for the day
Trouble in Red Hat/IBM and a Retreat to Ponzi Economics in Search of Wall Street Market Heist: Would you invest your life savings in this kind of crap?
Who Asked Software in the Public Interest (SPI) for a Refund? ($100,000, Resulting in Losses of $267,201 in 12 Months, Highest-Ever Losses): The IRS does not reveal who or what's tied to this refund (or the cause/reason)
Social engineering attack: Debian voted to trick you on binary blobs: Reprinted with permission from Daniel Pocock
Techrights Will Always Stand for Women's Rights: We even invest money - personal savings that it - in our principles
Certified Lawyers Should Know Better (Than to Intimidate Us With Man Who Drives on Motorcycle Through a Really Bad Storm Between Distant Cities, Then Collects Photos of Our Home): Mentioning someone was in prison for bad things isn't a crime, it's a public service
The "AI" (Slop) Bubble is Already Imploding: "ChatGPT Usage Has Peaked and Is Now Declining, New Data Finds"
The So-called "Sexy" Buckets (AI, Quantum) Cannot Save IBM From Reality, Shares Tank: "No matter how much financial hocus-pocus they use to reclassify revenues to land in the "sexy" buckets (AI, Quantum), it still smells old and musty - just like this company."
Paul Krugman is Wrong About the Scope of Mass Layoffs in the United States: A few years ago society was accelerating its journey towards feudalism, boosted by COVID-19
Links 23/10/2025: Proprietary Blunders and CISA's Latest Disclosure of Holes: Links for the day
Gemini Links 23/10/2025: Fast Past (F1), 99.9% Uptime: Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Wednesday, October 22, 2025: IRC logs for Wednesday, October 22, 2025

New Flaw in Windows Facilitates More DDOS Attacks

Recent Techrights' Posts