Targeted Worm Hits Kazaa's Network
sh0rtie writes: "Kaspersky Labs and the BBC are reporting that the Fasttrack network that Kazaa uses has been hit by its first targeted worm virus, dubbed 'Benjamin.' Is this a clever RIAA creation or that of a mischievous virus writer? I guess we will never know, but the result is that it seems to be bringing unsuspecting users' machines to a crawl with full hard drives and clogging up the Fasttrack network with massive amounts of traffic, bringing more headaches for ISPs and sysadmins worldwide."
Advertising? (Score:3, Informative)
It's an amusing idea to use a worm to carry a profit-generating payload, but it sounds like it'll leave a really big paper trail. The more advertisers you get, the bigger the trail.
Yep, Hit me. Here's what I did. (Score:5, Informative)
First, look out for small downloads, specifically anything with names such as "installer" or "downloader." I don't know how I got mine, but my brother's machine got hit after he tried to d/l the newest version of Britannica. Serves him right. When I went to see what he downloaded, I saw that it was a file around 700k.
Yes, it does spread over Kazaa lite.
Once it is installed, it proceeds to fill up your machine with approximately 700k files, usually in windows or winnt/temp/sys32. That's where all mine were (I'm running W2K).
However, don't go crazy yet. I downloaded the newest virus update for NAV (dated 5/17) and ran it. It picked all the downloads right up. Since they were all junk files that it had downloaded, I had it delete them all.
So far, so good. Haven't had any recurrence since then (although this was last night, so I don't consider it enough time to truly test). Hopefully it really is this easy to clean up, but I'm sure I will quickly find out.
Hope this helps.
Re:riaa (Score:3, Informative)
And how do you think all the Kazaa "pirates" are going to recoup money for not getting the files they were intending to steal?
Re:Overhyped? (Score:5, Informative)
I'm afraid it's not that easy, CmdrTaco. Firstly, you are assuming that the money is going to someone associated with the virus writer. However, from what I understand, there are three types of people who write viruses:
But let us assume that the money is going to the author of Benjamin for a moment. There is also unfortunately the issue of money laundering, offshore accounts, vapor operations, and rerouting of transfers that can make finding out where the money goes all but impossible if someone is clever enough to do it.
Assuming that someone is keeping the money for themselves, there are a variety of ways that it could be done. As referenced by Carl Sifakis...
Method 1 Typical Drug Dealer Method
Method 2 The Loanback Method
Method 3 The Money Broker Shuffle
Problem: Mr A is a Colombian drug lord. He has a million dollars sitting in New York badly in need of deodorization. Mr B is a legitimate Colombian businessman who wants to buy a million dollars worth of U.S. computers, but his government wants 21 cents for every dollar he buys with his pesos.
Solution: They hire a money broker who for a nominal fee will solve the problem.
Method 4 The Omnibus Account Method
Swiss banks (and others I'm sure) maintain what is known as "omnibus accounts" at American brokerage houses. This makes it easy for mafiosi to purchase American blue chip stock anonymously. Naturally, if they make a profit they pay no capital gains taxes on it because there are no records in the U.S. tying them to the stock purchases and the Swiss banks are bound by their laws not to reveal the names of their investors. This enables them not only to make money but to manipulate the market by buying large blocks of stock through the banks and then exercising their proxies, enabling them to determine who will be on the board of directors and who will be C.E.O.
In short, if this person has half a brain, then just "seeing where the checks are going" will not reveal the culprit.
The Libra Eagles may soar, but a weasel never gets sucked into a jet engine.
The next big thing (Score:3, Informative)
Reading this story was the nail in the coffin for Fasttrack, AFAIC. I was going to stick around a while until the new WinMX got its legs, but forget about that now.
Hi Jonathan! (Score:2, Informative)