When Malware Attacks Malware
PetManimal writes "Researchers say that the Storm Trojan/Peacomm worm has been tweaked to spread via IM programs and attack rival malware. Symantec sounded the alarm, and says that the exploit launches in AOL, Google Talk, and Yahoo Messenger windows that are already open, making it appear to be a legitimate message from a known user. The worm has modified the code from last year's Nuwar worm, and when activated, enables a DDoS attack against any site, including antispam services and servers supporting rival malware: 'Systems hijacked by Peacomm have also conducted DDoS attacks against at least five domains used by the creators of the noted Warezov (or Stration) worm. After a busy September and October, Warezov was credited by some analysts as the genesis of 2006's massive fourth-quarter spike in spam volume.'"
It begins (Score:5, Interesting)
Thus begins the ecology of internet software. CPU cycles are simply too valuable (en masse) for one piece of malware to share with others.
Eventually, look for malware to get better and better at rooting out rival malware in order to take its place. As well, look for malware to be more cautious about consuming host resources, lest it get noticed by a user or antivirus package.
It's no different than Earthly biology. We think nothing of the colossal number of parasitic microorganisms currently hitching a ride on our metabolism. Some, like E. coli, are so useful that we even enthusiastically encourage them (Yoplait, anyone?). Symbiosis carries major advantages along the lines of "division of labor". How many years before real symbiosis is realized among internet-connected computers?
It would also evolve the antivirus landscape. The "OMG sterilize all machines!!!1!" mantra would change into a more relaxed problem: calculate the most efficient amount of CPU cycles to allocate among the competing tasks of:
That's how our bodies do it, anyway.
It's more than that (Score:4, Interesting)
Re:If they'd just fix each other... (Score:2, Interesting)
Now, I know that it disturbs people to talk like this, but the aforementioned 'dumb' Windows end user doesn't need more than a few ports open for connection to his/her machine.
So if draconian measures are being bandied about in this thread, maybe anything but Port 80 should be blocked at the ISP at 'the last mile' connection by default. Need anything more, 'by special request' is the way it goes. Why should security be deployed at the end-user level if it's to protect 'a whole network'? That begs any rogue operator to be able to wreak havoc at the client level, i.e. the way things are now.
Go ahead and rant, all you folks running 'servers' on your brother's old 486 box in the basement.