Please create an account to participate in the Slashdot moderation system

 


Forgot your password?
Close
typodupeerror
×
Security

Targeted Worm Hits Kazaa's Network 300

Posted by timothy from the worms-churn-the-earth dept.
sh0rtie writes: "Kaspersky Labs and the BBC are reporting that the Fasttrack network that Kazaa uses has been hit by its first targeted worm virus dubbed 'Benjamin.' Is this a clever RIAA creation or that of a mischievous virus writer? I guess we will never know, but the result is that it seems to be bringing unsuspecting users machines to a crawl with full hard drives and clogging up the Fasttrack network with massive amounts of traffic bringing more headaches for ISPs and sysadmins worldwide."
This discussion has been archived. No new comments can be posted.

Targeted Worm Hits Kazaa's Network More

Targeted Worm Hits Kazaa's Network

Comments Filter:

  • any surprise? (Score:0, Insightful)

    by eyegor ( 148503 ) on Monday May 20, 2002 @04:43PM (#3553430)
    Yet another reason not to use them. geez....

  • Warez Connection (Score:2, Insightful)

    by _bobs.pizza_ ( 452394 ) on Monday May 20, 2002 @04:46PM (#3553465)
    how big of a surprise is this? The whole idea behind kazaa is that you can get music that you don't own. This reminds me a lot of the warez sites out there. How many of us trust them?

    You get what you pay for.

  • Stupid Virus Writer? (Score:5, Insightful)

    by Saeculorum ( 547931 ) on Monday May 20, 2002 @04:46PM (#3553466)
    From the article...

    In addition to eating up free disk space Benjamin takes additional actions: under the name of the infected computer's owner it opens an anonymous web site from which it displays advertising banners. This way Benjamin's creator profits by the resulting increase in advertising displays.

    I might be wrong, but I'd think it'd be quite easy to find where the money from the advertising banners is going to. Quite simple to find the virus writer.

    Of course, the recipient of the advertising revenue may not be the virus writer, but it's a good place to start.

    Stupid people amuse me.

  • How is it activated? (Score:4, Insightful)

    by Shagg ( 99693 ) on Monday May 20, 2002 @04:51PM (#3553521)
    The way I understand the article, it replicates itself in someone's share directory and waits for other Kaaza users to download it. How is it executed on the remote user's computer then? Do they have to specifically run the virus program, or is there a security hole in the Kaaza client somewhere that automatically executes the virus?

    I'm assuming users that download this file must specifically execute it. If this is true, then IMHO any person who downloads an unknown .exe from a P2P network and runs it without at least scanning it, deservers what they get.

  • Clever RIAA Creation (Score:2, Insightful)

    by BlueFall ( 141123 ) on Monday May 20, 2002 @04:51PM (#3553523)
    Is this a clever RIAA creation?

    What an incredibly irresponsible statement. Don't go pointing fingers until you have some evidence.

  • The money trail.... (Score:3, Insightful)

    by Mhrmnhrm ( 263196 ) on Monday May 20, 2002 @04:52PM (#3553526)
    Doesn't necessarily point to the culprit. Just because the webserver is hitting/serving up whatever the ad of the hour is, doesn't mean the person getting the checks is the virus writer. How difficult would it be for instance, for a blackhat to write a virus, have it hit/serve a bazillion ads, but send the money to a certain John Ashcroft, who just happens to live in DC, with a job at the DOJ? Especially given the talents of a true blackhat, this wouldn't be difficult at all. Unfortunately, that's what these posts of "Follow the money trail" are doing... it's entirely possible the writer borked up bigtime, but more likely that someone's being made a stooge, and that the money is just a red herring.

  • These poor script kiddies (Score:4, Insightful)

    by Henry V .009 ( 518000 ) on Monday May 20, 2002 @04:54PM (#3553562) Journal
    Whenever I think of what could be achieved by a virus using a P2P system, I am all the more astounded by the limited imaginations of these puny 13-year-old hackers.

    How about using a million computers working in parallel to break an weak encryption and read some third world govenment's military email?

    What about creating a secondary virus that uses known windows vulnerabilities and has a mathematically reasonable replication scheme to install itself on hundreds of millions more computers, and then use that to bring down the entire internet on a given day?

    What about turning these people's P2P servers into a humungous free proxy network, defeating internet censorship attempts of evil totalitarian regimes (like China)?

  • Re:yeah, it was the RIAA (Score:2, Insightful)

    by grung0r ( 538079 ) on Monday May 20, 2002 @05:17PM (#3553752)
    I know the RIAA didn't write it, it was proabably some self-rightous bastard alot like yourself. How can you possibly defend a company that acts the way RIAA members do? Do you think they care about you? You think all these "thives" go away that their gonna lower prices, or create good content? HA! They are using file sharing as an exuse to pass legislation that gives them a future stranglehold on content creation. "oh, you want to distrubute a song you wrote and performed? Not without the RIAA watermark seal of approval!" Stop defending companys whose soul goal is to make your computer into a nutered VCR, incapable of doing anything without the xxAA's express writen consent.

  • Hard to tell the worm from the software (Score:5, Insightful)

    by BCoates ( 512464 ) on Monday May 20, 2002 @05:17PM (#3553754)
    Hmm, uses your drive space and bandwidth, pops up ads, modifies your system configuration without your permission...

    Looks to me like the only difference between this trojan and the programs it comes in is that one has a EULA.

    Time for virus writers to wise up and disclaim liability with an incomprehensible clickthrough like all the other writers of malicious code...

    --
    Benjamin Coates

  • Re:Virus companies need the virus makers (Score:2, Insightful)

    by Triskaidekaphobia ( 580254 ) on Monday May 20, 2002 @05:17PM (#3553757)
    And Doctor's "need" the influenza virus. Doesn't mean they like it.

  • protection is easy... (Score:4, Insightful)

    by sluggie ( 85265 ) on Monday May 20, 2002 @05:29PM (#3553846)
    Just filter out all files under 1 meg... it worked for me since I guess it only shows up when searching for software...

  • Re:Yep, Hit me. Here's what I did. (Score:2, Insightful)

    by stevey ( 64018 ) on Monday May 20, 2002 @06:47PM (#3554490) Homepage

    People who download .exe's from filesharing systems are kinda asking for trouble, aren't they?

  • I just saw that in FUDD when I read it: (Score:3, Insightful)

    by _ph1ux_ ( 216706 ) on Monday May 20, 2002 @09:26PM (#3555379)
    "Some wery scawy weseawch has been aimed at discobewing just how fast a worm could infect the entiwe Intewnet"

  • Re:Never dload something executable off of P2P (Score:2, Insightful)

    by kraf ( 450958 ) on Tuesday May 21, 2002 @01:23AM (#3556358)
    > The lesson: never, ever download something executable off of a public P2P network like Kazaa, Gnutella, etc.

    Don't forget, gnutella runs on non-braindead platforms too.

Slashdot Top Deals

They are relatively good but absolutely terrible. -- Alan Kay, commenting on Apollos

Close