Conficker Downloads Payload
nk497 writes "Conficker seems to finally be doing something, a week after hype around the worm peaked on April Fool's Day. It has now downloaded components from the Waledac botnet, which could contain rootkit capabilities. Trend Micro security expert Rik Ferguson said: 'These components have so far been missing, but could this finally be the "other boot dropping" that we have all been waiting for?' Ferguson also suggested that people behind Conficker could be the very same who are running Waledac and created the Storm botnet. 'It tallies with some of the assumptions people have made about Conficker — that the first variant was actively trying to avoid the Ukraine because Waledac was Eastern European,' Ferguson added."
Re:Finally? (Score:3, Insightful)
No. It is the only news.
april fools? (Score:5, Insightful)
Potato Blight for computers (Score:5, Insightful)
One of the major causes of the Potato famine in Ireland was the reliance on a single product (the potato) and an inability to shift to a more varied diet. Things like ILoveYou and Conficker are preying on exactly the same homogeneous environment as they know that hitting one element yields massive results.
Now given that this homogeneity has been driven in part via a convicted monopolist then it really is interesting how little political attention this gets. Arguably these sorts of attacks are more of a modern challenge than "traditional" terrorism and against a background of economic woe we can all do without a bunch of companies getting taken offline for a few days or suffering from industrial espionage.
We don't learn from history, we don't apply history to new cases we just stand back in amazement after letting homogeneity develop at the impact that a relatively simple flaw can have across a large group of people.
Re:april fools (Score:5, Insightful)
I think the Conficker was going for the clichéd horror film approach. Granted, it should have really done it on April 2nd but doing it this way has probably blindsided more people.
Re:Potato Blight for computers (Score:4, Insightful)
Yeah, because obviously the answer is to have a hundred different systems with a hundred different sets of vulnerabilities. That will be much easier to keep patched.
Re:actual article (Score:3, Insightful)
I suspect the former, but hope it's the latter.
Re:Potato Blight for computers (Score:5, Insightful)
Re:april fools? (Score:1, Insightful)
And if not, that's very surprising to me.
Re:actual article (Score:3, Insightful)
Re:Potato Blight for computers (Score:5, Insightful)
Or, since the barrier to entry is so low as far as blackhats are concerned, ALL systems end up being more insecure and virus-ridden and no one benefits.
Or virus-writers will pick, instead of the top 1, the top 5, or the top 50% of systems, and target those. Unless it were a truly heterogeneous network, with every single person having their own hand-crafted OS and application set, there will be viruses because people, dammit, want to see the dancing bunnies.
Reference: http://www.codinghorror.com/blog/archives/000347.html [codinghorror.com]
Patch? (Score:5, Insightful)
Well, actually you got a point but you come at it from the wrong angle.
The problem is that thanks to the net, EVERY COMPUTER IS THE SAME. Internet capable...
Effectively, this is to sexually transmitted viruses as all of us screwing everyone else at the same time. The internet is a gangbang of computers.
What this leads to is that no matter how obscure your OS and the bugs on it, someone somewhere will know about it and, thanks to the sheer size of the net, have thousands if not hundreds of thousands of targets.
There may not be many Amigas left but if they were all infected, it would still be a nice botnet.
Re:That's just ridiculous.... (Score:3, Insightful)
I think your anglophobic ranting has blinded you to the OP's statement and argument.
[emphasis added]
The reliance on a single product - the potato - was unquestionably one of the major factors behind the famine. The fact that this reliance had socio-political factors as its root cause is totally beside the point. The fact is that the poorest people were reliant on the ubiquitous crop as their winter staple, and that ubiquity is what allowed one blight to cause such devastation. As you said yourself, it was all they had.
It's a good analogy, and you've needlessly muddied the waters by misreading and over-extending the OP's point.
Your suggestion that opposing open-source is a necessary step in increasing OS variety is weird and baseless. I'll grant you that completely free trade (as in "without restriction") would facilitate monopoly-practice and in turn engender a monoculture, which is how we found ourselves in the current mess.
To suggest open-source development discourages variety though...? Wow. What's your reasoning behind that posit?
Re:Potato Blight for computers (Score:3, Insightful)
Why? It is often only necessary to attack the weakest link in the chain. To get inside a company network and copy documents available to employees, for example, only one employee workstation needs to be subverted. That is easier if there are several different systems running - just pick the crappest one and exploit that.
Of course, it's arguable that the one system which is widely deployed in a monoculture today is in fact that one crappest and least secure of all the choices available. In which case adding a bit more variety would not hurt things, but it wouldn't improve them either, unless almost all the Windows systems were removed.
Re:april fools? (Score:1, Insightful)
...start considering the threat that something big was happening on 4/1 the real joke.
Something big was happening on the fourth of January?
Oh, never mind - you're an American. Of course. You write the date the wrong way around.
(I wish you people would think, occasionally, and realise that websites are international - there are intertubes running to other countries too - I believe even Canada has the internet these days.)
Re:Ahhhhhh... (Score:5, Insightful)
The parts of the Windows mainland who install security patches are also amused. I'm sure we'll all be amused right up until the Internet we all share with the infected losers goes all wonky.
Re:Patch? (Score:2, Insightful)
Because if even one system in your heterogeneous environment is exploitable you have just given them an easy backdoor to the rest of your system
Sure, if your sysadmin is an idiot. If one box being compromised results in full access to all boxes on the network, your system is poorly designed. Unless, perhaps, that one box is an LDAP/AD server or something.
Re:april fools? (Score:5, Insightful)
Half the world writes it 4/1 the other half 1/4
Half? About one twentieth of the world (by population) writes it month/day or month/day/year, in the so-called "middle-endian" form. The other nineteen twentieths mostly write it day/month or day/month/year, in the so-called "little-endian" form. The ISO 8601 standard is the "big-endian form" year-month-day which is used in a few countries.
http://en.wikipedia.org/wiki/Date_format#Date_format [wikipedia.org]
Re:Holiday Weekend. (Score:2, Insightful)
Comment removed (Score:4, Insightful)
Re:Holiday Weekend. (Score:3, Insightful)
Re:Holiday Weekend. (Score:3, Insightful)
Re:april fools? (Score:1, Insightful)
Which is stupid anyway. Every programmer knows: year/month/day is the only way to play.