Bonum Certa Men Certa

New Flaw in Windows Facilitates More DDOS Attacks

Stachledraht DDOS attack



Summary: Shoddy Microsoft software continues to provide opportunities for disgruntled people to attack and take down servers they dislike

ANY Windows botnet which is enabled by "Zeus" (Zeus is known to be a cause of DDOS attacks) is already taking advantage of Microsoft's latest severe flaw which affects even fully patched Windows:

Miscreants behind the Zeus cybercrime toolkit and other strains of malware have begun taking advantage of an unpatched shortcut handling flaws in Windows. It was first used by a sophisticated worm to target SCADA-based industrial control and power plant systems.


No patch is available yet:

Security researchers have found more malware exploiting an unpatched Windows vulnerability via .LNK shortcut files.

According to Sophos blog July 23, two other pieces of malware have been observed targeting the bug. One is a keylogging Trojan the company is calling Chymin-A that is "designed to steal information from infected computers." The other is Dulkis-A, a "worm written in obfuscated Visual Basic" that contains several subcomponents.


More here:

Slovakian security firm Eset reports the appearance of two malware strains that exploit security vulnerabilities in the way Windows handles .lnk (shortcut) files, first used by Stuxnet to swipe information from Windows-based SCADA systems from Siemens.


We covered those SCADA incidents earlier today. This has a serious impact on the world's energy, not to mention those BP BSODs which we've already covered in [1, 2, 3].

The damage costs a lot of money and time (which can be equated to money) and the security world is "ill-equipped to solve digital whodunnits," reports The Register.

“A lot of those efforts are very unqualified and pedestrian,” said Parker, who is director of security consulting services at Washington, DC-based Securicon. “There's really not any science behind the efforts that many people have been making recently that have resulted in stories like China is attacking us, Russia is attacking us, Korea is attacking us.”


It is really hard to know where DDOS attacks come from these days. People don't control their Windows PCs, which can be hijacked and chained back to some botmasters whose interests are not known.

Georgia has an unfortunate DDOS story to tell about its national infrastructure; after years of investigation it is still not perfectly clear if the Russian government had something to do with it or not. One youngster claims responsibility, but can he be believed? It can be hard to verify. And if one youngster can paralyse an entire nation, what does that teach us about those Windows zombies he used?

Recent Techrights' Posts

Links 20/05/2025: Biden's Cancer, GDPR Changes, and UK Defamation Cases (or SLAPPs) Fail Again
Links for the day
Microsofters Targeting the Wife of the Critic of Microsoft
false claims and loaded statement
Microsoft a Top Sponsor at Red Hat Summit (IBM Selling Proprietary Spyware and Back Doors in a "Red" Trench Coat)
They both work for Microsoft
New 'Interview' With - or Talk Coverage of - Richard Stallman in the European Union
automated English translation
Gemini Links 20/05/2025: LLM Scraper Bots in Gopher and "Starmer and the Somewheres"
Links for the day
 
Gemini Links 21/05/2025: Trips, 4D Golf, and Writing Software
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, May 20, 2025
IRC logs for Tuesday, May 20, 2025
Links 20/05/2025: "Bankrupt 23andMe Just Sold Off All Your DNA Data" and "Free Speech Warriors" MIA
Links for the day
Openwashing of Windows, Back Doors, Persistent Surveillance, Keyloggers, Screen Loggers, DRM and So On
WSL is not "Linux", it's Windows
IBM Mass Redundancies Likely This Coming Thursday
We're not in a position to judge if that's true or false
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, May 19, 2025
IRC logs for Monday, May 19, 2025
Skype Fell Off a Cliff (Microsoft Killed It), All Microsoft Has Left Now is Slop and Spaghetti Code
"This isn’t about AI. This is a puppet show to drive stock prices up and down."
The Official SUSE Blog Uses LLM Slop to Compose Fake Articles Promoting Microsoft and Azure
even a little slop spoils the broth
Slopfarms (Machine-Generated Fake News Sites Authored by Bots With Slop Images) Spread GNU FUD
This isn't about Linux (GNU doesn't run just on Linux)
United States Federal Government's Digital Analytics Program (DAP): GNU/Linux Users Represent Close to 6% of Visitors This Year
How far has GNU/Linux gotten? Very far!
The "LLM Ouroboros of Shit" is Complemented by Even Worse Phenomena Caused by Microsoft's Contribution of SPAM and Pollution
Microsoft became a world leader in promotion of LLM slop
The LLM Ouroboros Phenomenon
Fact #1: over time slop gets worse (training set is like some blurry JPEG). Fact #2: People's "smell" for slop improves over time, as they 'train' on slop and can detect it based on prior encounters. Put 1 and 2 together.
Links 19/05/2025: Charges of Blackmailing Over Son Heung-min, Chad Opposition Leader Detained
Links for the day
Gemini Links 19/05/2025: Ableism, Silicon Monkeys, and More
Links for the day
How We Defeated DDoS Attacks
One of the best things one can do is migrate to an SSG
Microsofters Issuing Threats to Microsoft Critics Who Blog About Microsoft
So far we see that their "legal strategy" revolves around trying to discredit people like Theodore Ts'o
Links 19/05/2025: Political Catchup and CISA Advisories
Links for the day
TheLayoff.com Has Begun Deleting Trolls/AstroTurfers Infesting the IBM Section to Discourage On-Topic Discussion About Culls and Maladministration (Bad Strategy)
Moderators have realised there's a problem
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, May 18, 2025
IRC logs for Sunday, May 18, 2025