Today's Windows Virus - MyDoom / Novarg 847
Oddster writes "There is a new virus out by the name of Novarg which can infect all Windows versions from 95 to XP. It has two interesting features - first, in addition to mass mailing, it also distributes itself via the P2P network Kazaa. Second, it can perform a denial-of-service against www.sco.com. Details at Symantec
and F-Secure, although neither seems to have finished their analysis." Other readers have sent in links to coverage at CNET and Security Response, and Russ Nelson provides a sample message.
Finally! (Score:5, Funny)
i'm not scared... (Score:5, Funny)
whew.
i was scared there for a ss.....[NO CARRIER]
DOS huh? (Score:5, Funny)
Great! (Score:3, Funny)
How do I get it?
Serves people right.. (Score:5, Funny)
Dark Side of Linux Developers (Score:-1, Funny)
DDOS SCO (Score:5, Funny)
Virus... (Score:5, Funny)
You yung whipper-snapper virus writers and your MS holes got it way too easy.
On one hand it seems to be written by the RIAA, on the other it looks like some linux loony, can it be both?!
That's not a virus (Score:2, Funny)
idiots. (Score:5, Funny)
people... that is illegal and not the way to win the fight.
i'd say more, but i have to go load that virus on my 3 other laptops.
Re:Great! (Score:5, Funny)
Initial investigation on the Snort mailing list, seems to suggest that it opens up 63 threads that request sco's index page once every 300ms.
I just installed it on all of my servers
Re:Finally! (Score:5, Funny)
Re:Finally! (Score:5, Funny)
Re:Virus... (Score:5, Funny)
In my day we had to throw various insects into giant mainframe machines
Re:idiots. (Score:5, Funny)
Re:DOS huh? (Score:3, Funny)
Seriously, what's the betting that the author reads Slashdot? High.
Looking for the virus writer (Score:5, Funny)
Just show up, I'll brng the bat!!!!!!!
Pro SCO PR? Do some counter PR (Score:3, Funny)
Attempt to enter some code into some random OSS project that DoSes www.kernel.org or www.gnu.org or something like that then make a big media spectable out of it. Reveal 'hints' that point to some SCO fanatic inserting the code. On that note, I think SCO is capable of writing a virus to DoS their own site just to get some good PR ammo.
It's true (Score:2, Funny)
Re:idiots. (Score:3, Funny)
Oops. I think I hear SCO lawyers slithering out back...
=Smidge=
Re:SCO is down (Score:5, Funny)
Re:Bad example... (Score:3, Funny)
So who has the motivation? People who've shorted SCO stock and need it to fall, so they can cover their position. People who've invested in SCO and need a reason to sell off without explaining that they bought into something stupid. Not us.
Re:DOS huh? (Score:5, Funny)
Re:Serves people right.. (Score:5, Funny)
Re:Bad example... (Score:5, Funny)
Humour aside, if that was the intention of the virus, it should bring down the SCO email server (mail.sco.com) as well as www.sco.com. This would hurt sales and cause a major inconvenience.
SCO's lawyers are probably 'creating' a lawsuit as we speak - claiming the portions of the virus are SCO IP. (Which is just as believable as Linux containing SCO's code.)
SCO could also have written the virus - to hurt the image of their competition.
Re:DOS huh? - karma whoring (Score:3, Funny)
SCO, killing orphans and nuns since 1999.
Re:DOS huh? (Score:5, Funny)
Will this be the first virus I willingly load on my machine?
No, it'll be the second. You have to load Windows first.
Re:idiots. (Score:4, Funny)
Tell that to SCO
--
In London? Need a Physics Tutor? [colingregorypalmer.net]
American Weblog in London [colingregorypalmer.net]
Well... (Score:2, Funny)
50 years in the future... (Score:2, Funny)
Grandson (wide eyed): "Was that when you had keyboards granddad? Crikey. Pass the DNA-USB dongle over please..."
Why? (Score:4, Funny)
Re:DOS huh? (Score:5, Funny)
Just thought I'd throw in a stray comment... (Score:4, Funny)
Send donations to:
wenNOdoy@SPAMconsolidated.net
Re:Finally! (Score:5, Funny)
The last time someone told me I needed the latest virus patch I got into a shit load of trouble.
And they were from Microsoft.
You think I'm going to believe you. I hit that link and my soul belongs to some Romanian gangster.
I'm not that stupid.
Ironic (Score:3, Funny)
Strange coincidence.
Amen! (Score:2, Funny)
Re:Serves people right.. (Score:5, Funny)
I think perhaps the kind of people who would do that do not or cannot read the instruction book anyway but until you realize that you can feel a little unempowered.
Re:A threat? Really? (Score:2, Funny)
Sure, it might be a virus... But I can't take the chance I might miss a secret admirer.
Re:Serves people right.. (Score:2, Funny)
Re:DOS huh? (Score:2, Funny)
So I beg, could someone please send me a copy, my e-mail is sales@sco.com, please send ASAP.
Re:Finally! (Score:5, Funny)
In case the site gets
---
Re:Finally! (Score:3, Funny)
Not when my come home from work stress release is playing quake3 with my bosses face skinned over all the models. The extra traffic across the backbones is going to make my ping go to hell!!!
*disclaimer*
I work for myself and I really play counterstrike.
Re:Virus... (Score:5, Funny)
Re:A threat? Really? (Score:2, Funny)
> 2) It uses no M$ exploits (patched or unpatched) to install itself.
> 3) It depends on someone opening the attachment to start an infection.
Compared to the real world this would be something like:
"Whoa! Theres a black, unmarked bottle on my doorstep that reads 'Returned to sender'. I am quite f*cking sure I did not send this bottle in the first place. So why don't I open and drink it? It can't be dangerous!"
Anybody with some common sense would not act this way IRL, but with computers its all different...
I pity the state of the union
Re:Also arrives as a zipped executable! (Score:5, Funny)
Then you unzip it.
Then you execute it.
Why do the virus writers even bother writing code? If people are willing to do all that, it sounds like the next virus will consist solely of the text:
"Pick a friend at random. Go over to his house and bash his computer with a sledge hammer."
Re:port it to linux! (Score:2, Funny)
ping -f www.sco.com
or how about a crontab entry?
* * * * * wget -r http://www.sco.com
Re:DDOS SCO (Score:1, Funny)
Re:Oh no (Score:5, Funny)
No, he doesn't; it's a Windows virus, not a Linux virus.
Windows == terrorism
Proof that Windows is a danger to national and economic security.
the giveaway (Score:5, Funny)
"The worm encrypts most of the strings in it's UPX-packed body with ROT13 method," [f-secure.com]
I *KNOW* it was one of you fuckers...
I'm afraid this is more dangerous than we thought. (Score:1, Funny)
By attacking MS and SCO, they have given both companies leverage against Linux and more FUD than they could create by themselves.
These terrorists obviously want the US government to back those companies and drive useful (i.e. robust, efficient and able to be used against them) software out of the market.
Once, SCO and MS run things in the US no one will be able to recieve any more useful information or get work done.
Not to mention the citizens of the US will be so mired down in our inefficient and secured through near martial law practices that they will be too apathetic to care, and too slow to react.
A brilliant masterstroke...
Re:Serves people right.. (Score:5, Funny)
Re:DOS huh? (Score:5, Funny)
1. Viruses are free.
2. Viruses can be gotten from any good bbs.
3. If detected soon enough, most viruses can be removed from your computer without a huge loss of data and time.
4. Viruses don't take up HUGE wads of disk space.
5. Viruses don't need 4meg of ram to run.
6. Viruses do something.
7. Viruses come in flavors, not just one-size-fits-all.
8. Viruses use the "cutting edge" programming skills to make themselves less noticable. (untill they are ready to be noticed)
9. Viruses don't have major bugs. (if they do, then they don't work, so they're not virus')
10. Viruses don't have three different sets of documentation that is all mixed up and wrong.
11. Viruses don't leak things to the press about the upcomming Jerusalem 95, to keep people from switching to Michelangelo/2 Warp or better yet, XJerusalem.
12. Viruses don't put out stupid two page adds in magazines centered around the march 6 "activate button".
13. Viruses arn't on every computer.
14. Viruses don't have stupid wizards.
15. Who cares if a virus is 16 bit, even though it is advertised as 32?
16. Viruses don't say that they are user "friendly", when they arn't.
17. Viruses can run on PCDOS without warnings.
18. Viruses when installing themselves don't try to send private info about your computer over the phone lines to microstoned-net.
19. Viruses install themselves.
20. Viruses don't try to push out all compitition. They just try to do their job.
21. Viruses maker's don't try to buy Intuit (makers of Quicken (wouldn't that be fun, America's biggest finacial software company owned by a virus maker))
22. Viruses don't invade and take over PC Magazine, filling it with 100% junk on Win95.
23. Viruses don't try to copy what Apple does.
24. There are programs you can buy, or get free to remove viruses.
Ignores addresses containing .edu (Score:1, Funny)
How I imagine things (Score:5, Funny)
Cut to the labs of the antivirus companies:
Sir! The new virus seems to launch a DDoS against sco.com!
REALLY? Great work! Now
Take a 2 day lunch.
Re:Virus... (Score:4, Funny)
In in my day, single-cell organisms floated about in the primordial ooze, dreaming of the abacus, and hoping to even spot a loose piece of RNA, much less contact it.
And you try to explain *that* to the youth of today...
Re:Finally! (Score:4, Funny)
Re:Great! (Score:2, Funny)
Re:I would like to see a study done (Score:1, Funny)
Well, so far, four people out of those allowed to send mass mailings to all Computer Science students at a Penn State branch. Glad to know my parents (and taxpayers, etc.) are getting their money's worth.
Re:This was probably done to defame us (Score:3, Funny)
With 3 SCO posts a day, I already figured www.sco.com was under constant DOS from this community
Re:Finally! (Score:5, Funny)
---Note to John Ashcroft: the above was a joke.
Re:Funny things on the inside (Score:2, Funny)
Re:Finally! (Score:5, Funny)
As far as I can tell, this virus is not licensed under the GPL, and I can't find the source for it anywhere...
Re:Finally! (Score:5, Funny)
WooHoo (Score:3, Funny)
*sniff*
Im so happy. Somebody actually has me in their address book.
Re:Finally! (Score:5, Funny)
I think www.sco.com as we know it will probably have traffic from this virus FOREVER.
Which they will promptly PR-spin into a positive thing - "We are getting THOUSANDS of licensing inquiries EACH DAY!!" or "Our website has become one of the most POPULAR on the internet, obviously customers are very satisfied!"
Re:the giveaway (Score:2, Funny)
How long before... (Score:1, Funny)
Re:Finally! (Score:5, Funny)
Re:Finally! (Score:2, Funny)
Re:Finally! (Score:2, Funny)
Re:DDOS SCO (Score:3, Funny)
No, we sometimes sign petitions at petitiononline.com
Re:Finally! ...now for a bit of help... (Score:3, Funny)
Re:Amazing... and just plain wrong. (Score:3, Funny)
A good friend of mine works in the anti-virus industry. I asked him the same questions abous them making their own viruses to stay alive. His reponse was: "We still get enough business to stay alive from sircam and friends. If we wrote and published our own in addition, we'd be bigger than Microsoft now."
Re:Finally! (Score:4, Funny)
and of course an idiotic reply from MS. (Score:1, Funny)
from MS Expert Christopher Budd:
From the press:
Christopher Budd, a security program manager
with Microsoft, said the worm does not appear to
take advantage of any Microsoft product
vulnerability."
Squeeze me?
Baking powder?
Where does the adress books(key ingredient
to the virus transport mechanism) come from?
Unix PINE?
Gnome EVOLUTION?
talk about a moron from moronia!
off-topic note (Score:4, Funny)
Re:Finally! (Score:2, Funny)
For that matter beat the rush, and set system clock to Feb 1 today!!!