MyDoom Strikes Again 254
Renegade334 writes "Months after the last attack of MyDoom, MyDoom.AI returns. Like usual it was spread by e-mails with claims to have attachments that contain passwords for adult websites."
news: gotcha
Nice (Score:5, Funny)
Actually, it's under control (Score:5, Informative)
It's being reported [zdnet.co.uk] that thanks to pro-active action from the porn site in question, the problem is under control...
Re:Actually, it's under control (Score:2)
Re:Actually, it's under control (Score:5, Informative)
Re:Actually, it's under control (Score:5, Interesting)
Re:Actually, it's under control (Score:2)
Re:Actually, it's under control (Score:4, Funny)
--
One swallow does not a summer make.
Excellent sig. Did you choose it just for this story?
Re:Actually, it's under control (Score:2)
Re:Actually, it's under control (Score:4, Funny)
Re:Actually, it's under control (Score:5, Funny)
Re: Actually, it's under control (Score:3, Funny)
> Porn to the rescue, yet again!
Porn is like God: it helps those who help themselves.
Passwords for Adult Websites!! (Score:5, Funny)
Re:Passwords for Adult Websites!! (Score:5, Funny)
Re:Passwords for Adult Websites!! (Score:2)
Re:Passwords for Adult Websites!! (Score:3, Funny)
Re:Passwords for Adult Websites!! (Score:3, Funny)
This is all I need for a month!
Yay (Score:5, Interesting)
The virus companies write variants and release them to enforce the upgrades. I worked at a popular AV company doing front end work, not the actual engine, and when we got together for drinks the engine writers would talk about upgrade paths from what they were working on. Ever wonder why most viruses don't destroy your system? Because there's no money in an erased system. There is a lot of money in AV upgrades.
Re:Yay (Score:4, Insightful)
A = Corruption probability
B = Number of hosts on the network
C = Cost of patch
X = Cost of reinstall
If A + B + C is less than X, then they don't do a download!
Re:Yay (Score:3, Informative)
that should be:
If A*B*CX then....
multiply the probability times the cost... don't add it
Re:By which you mean (Score:2)
Problems with a " < " ? (Score:2)
Sans spaces, of course. If you want a Greater Than symbol, use & g t
Oh, and please turn over your geek license on the way out. Thank you. =)
--LordPixie
Re:Yay (Score:2)
That should read (corruption probability)*(number of affected clients)*(value of each client) + (cost of patch) - min((cost of reinstall), (cost of cleanup)). If that is less then zero, they lose money by getting the patch. There are also other factors, like bad marketing or protectin
Re:Yay (Score:2, Interesting)
The reasons why we are seeing a move away from the destructive payloads of yesteryear is that there is a lot more money to be made in compromising systems.
Whether the intention is to harvest a shedload of zombie remailers for spam markering or for some of the recently seen rogues capable of using a 'distributed computing' model for decrytpting databases there is lots of money in malware.
True , there is indeed a lot of money made by the AV companies for upgraded and improved software,stragey and
Re:Yay (Score:3, Informative)
Re:Yay (Score:4, Informative)
Re:Yay (Score:2)
Re:Yay (Score:2)
I recommend Linux/FreeBSD on the desktop for x86, or OS X for those on PPC.
Take your pick, much safer not to use Windows. And if you really have to use Windows, don't hook those boxen to the publicly connected network. Put them behind application level gateways, with really limited internet access (if any) Having a separate box for surfing and checking email helps.
Re:Yay (Score:3, Insightful)
Re:Yay (Score:2)
Re:Yay (Score:2, Insightful)
I mean think about it, 1st off, if they do that, they won't have the virus writers in the same setting as the other company employees, it's too risky.
2nd, with the number of AV companies out there, why hasn't one of them figured this out by now and gone public.
3rd, what is the propability of these employees staying silent all those years? No one has yet come forward AFAIK.
Correct me if I am wrong, but we already ha
Re:Yay (Score:2)
I think not (Score:2)
xe.com Universal Currency Converter ® Results
Live mid-market rates as of 2005.01.18 18:23:38 GMT.
0.02 CAD = 0.0163793 USD
1 CAD = 0.818966 USD
1 USD = 1.22105 CAD
Re:I think not (Score:2)
Re:Yay (Score:4, Insightful)
Re:Yay (Score:2)
Yay! (Score:2, Funny)
Oh, if only I knew how to open email attachments!
Given how its spread... (Score:4, Funny)
Re:Given how its spread... (Score:2, Funny)
Last time.. (Score:5, Interesting)
What they failed to mention was that they never did the critical updates that would have prevented this. Way to go guys. I guess it is all about how you report it.
Re:Last time.. (Score:3, Insightful)
If your IT head doesn't have system updates somewhat automated with AV and spyware software he should be fired on the spot. That report he sent out was nothing more than a PR move to cover his ass.
Question! Corporate-wide antispyware software? (Score:2)
Could you advice ANY good anti-spyware software which can be deployed corporate-wide? (with trial version)
Like Symantec Antivirus Corporate Edition or TrendMicro OfficeScan?
It is *PITA* to install/update defs and run spybot/adaware on every single computer on big LAN.
Re:Question! Corporate-wide antispyware software? (Score:5, Funny)
> which can be deployed corporate-wide? (with trial
> version)
Sure, a baseball bat. Beat the dummy who downloads spyware to death. For a trial version, try a plastic bat, so they'll just go Ouch!
Re:Last time.. (Score:2)
It's getting old, and I didn't even vote for the guy.
Re:Last time.. (Score:2)
Re:Last time.. (Score:2)
I already have 6 of these. (Score:3, Interesting)
Too bad... (Score:2)
Re:Too bad... (Score:2, Funny)
You mean like this one [slashdot.org]? :)
No Effect Felt (Score:2)
And, like usual, it hasn't affected most of us because even the Windows users among us understand basic tenets of email security.
Eat that (Score:5, Funny)
Where can I download this new MyDoom thingy?
Everyone forgets the most important question (Score:5, Funny)
Do the passwords work?
the rapture must be at hand! (Score:4, Funny)
Re:the rapture must be at hand! (Score:3, Funny)
Re:the rapture must be at hand! (Score:4, Informative)
He didn't refuse to have sex with her, he just pulled out when he came. Just like in pr0n videos.
Re:the rapture must be at hand! (Score:2)
Amazing! "Free pussy" and brains switch off! (Score:5, Funny)
Next version of the virus (Score:3, Funny)
The virus will fail miserably.
How to prevent this from affecting you (Score:2, Informative)
Re:How to prevent this from affecting you (Score:2, Insightful)
You should secure your e-mail client even more than your web browser.
Command to check if your system is susceptible (Score:5, Funny)
Re:Command to check if your system is susceptible (Score:2)
Yeah right (Score:4, Insightful)
No, it was spread by stupid users.
Why aren't vendors responsible (Score:2)
Now if a regular companies product is misused... the company still ends up with lawsuits (Toro, being the most famous). The product is defective... tons of lawsuits.
Yet Microsoft, despite it's weak software costing companies billions in lost revenue, and even having crippled a Naval ship, shut down governmental departments, etc....
Wh
Re:Why aren't vendors responsible (Score:2)
Re:Why aren't vendors responsible (Score:2)
Just to note, one could easily write a MyDoom for linux. Search for
Re:Why aren't vendors responsible (Score:2)
For free HOT SEX type your administrator password here:
(Standard text box)
(OK button)
Ok, so they wouldn't be able to infest their work PC's, but we would still have a million infested home machines. Social engineering is a social problem, the likelyhood of a technological fix is really slim. Sure, there are applications which are more secure by default, but an unin
Preying upon the pitiful: 21st Century Darwin (Score:2, Insightful)
The old adage holds true that all things, including virii, prey on society's pitiful. Unfortunately, counter to Darwinism, the weak are not eliminated from the Internet.
Sigh...
Porn (Score:4, Insightful)
Fool me once... (Score:2)
This really shakes what little confidence (none) I had in the general level of intelligence out there. Are they just a bunch of Homer Simpsons that keep opening the fucking attachments?
This is depressing. They're all morons. And they stay up all night calling Dell tech support just to see if they're really there (even on Kwanza).
Re:this is IT !! i'm outta here. (Score:2)
Re:this is IT !! i'm outta here. (Score:2)
Re:this is IT !! i'm outta here. (Score:2, Interesting)
If you show that you care about them. They will care more about work than personal browsing.
Re:this is IT !! i'm outta here. (Score:2, Insightful)
It's been my own long, painful experience that most people are as dumb as a box of rocks. But, hey; don't get upset about it, profit from it. Charge $250USD a pop to clean-up their brainless screw-ups. Long-term personal prosperity will be assured.
Re:this is IT !! i'm outta here. (Score:5, Interesting)
We recently had major flooding. Several of my clients have businesses in the flood zone (much cheaper rent). Most of those followed my advice and moved their hardware upstairs. A few did not and are not paying me major bucks for reinstalling, rebuilding and recovering everything they need. If they had just taken a day and moved eveything the first time (they are all now moving upstairs), then they would have saved much money and even more downtime.
But, in the end, how they run their business is their choice. All I can do is offer my advice and hope they listen.
InnerWeb
Re:this is IT !! i'm outta here. (Score:2)
Truth is we all do this in some places in our lives. Many of us (myself included) really don't want to do automotive work. I can, but I just don
Re:this is IT !! i'm outta here. (Score:2)
Come on, really. What makes you assume that everyone has learned about it? Or that even a tiny minority of non-IT-pros has truly "learned" about this any more than they have learned how to drive well, not block the grocery store aisle with their cart, spend less money than they have, not stub their toe in the dark, or a thousand other things that people, even high-wattage people, still do?
Everybody can't do every thing well, or even close to well. The key is providing them with tool
Re:this is IT !! i'm outta here. (Score:2)
Learned? (Score:3, Funny)
Re:Learned? (Score:4, Insightful)
> to be affected - mostly, they are the ones who
> keep on spreading those "forward this to 10 ppl in
> 10 seconds or you will throw third nipple". Give
> 'em more.
And if it was just those morons too thick-headed to read or listen to the TV, then I'd say "infect away!"
Unfortunately net admins like myself end up having to stare down the face of a hundred thousand zombies trying various means to bust in or break down my network.
Doing Something (Score:2)
Im not being a smart ass here, I think the problem is that no one really has an answer yet.. Not that we all dotn want it to stop ( well all of us except the anti-virus makers )
The same goes for spam.. no one yet has a good workable answer.. If there even is one.
Re:Doing Something (Score:3)
Honestly, there really is no excuse to stick with Windows unless there's some mis
Systemic Problems vs User Problems (Score:5, Insightful)
Anytime you allow users to do anything, you have the potitional for an infection that casues troubles.
Some platforms may currently be more prone to problems, but you can be assured whom ever has the largest market share will be the one under the greatest attack in the first place.
Remember too, some problems are platform independant, such as the JPG problem from last year.. Or sendmail.. or ssh.. or or or..
But regardless of any systemic issues, excluding true worms that come in at a system level, it still mostly boils down to users clicking things they shouldnt.. And it doesnt matter what system they are using.. They can still run a trojan and at the very least hose their profile.. ( and will ).
So i guess there is a solution afterall, no users.
Disclaimer: I'm a BSD user and am also virus free, but im not so blind ( or stupid ) to think we are invunerable.. We just are not a direct target, yet.
Re:Systemic Problems vs User Problems (Score:3, Insightful)
If half of computer users switched, we'd still be better off -- anything would be better than the monoculture we have now.
The fact that Linux/OS X/BSD whatever (as good as they are, and I do think they're innately more secure than MS offerings) aren't perfect either is no reason to stand by and just live with these Microsoft virus/worm problems.
There are valid reasons why it may not make sense for some people to switch, bu
Re:Systemic Problems vs User Problems (Score:2, Insightful)
Re:Systemic Problems vs User Problems (Score:2)
My weak analogy: Accidents on a roadway with no signs, lanes markings, or traffic laws could simply be blamed on "bad drivers". However, having lanes and laws to dictate the driving process, help reduce the likelyhood of even bad drivers getting in an accident.
If it were only popularity causing an OS to be targ
No.. It doesnt.. (Score:2)
Keeping off the radar helps greatly...
Re:Doing Something (Score:2)
Re:Doing Something (Score:2)
I wholeheartedly recomend Ubuntu Linux to whomever is looking for user friendliness similar to the mac. Unclutered desktop and system menus make it very easy to get used to.
I don't know of anybody who had trouble with OSX. The only thing that keeps me from it is the money, tho. As soon as I'm able to afford a Mac (the mini doesn't cut it for my needs) I'll probably get one.
Re:What's MyDoom? (Score:2, Insightful)
It's just some code to do bad shit, you email to idiots and trick them into clicking it.
This could be done on any OS. Just, no one really cares for an army of about 12 OSX-based bots, when they can get thousands of Windows boxes.
Re:What's MyDoom? (Score:2)
Now, given, this could be done for any other os. But in general it's only done for windows. A valid analogy would be if a man eating Tiger alert was issued for Pretoria, South Africa. Sure, tigers could live in America if released here and if so, there could be tiger alerts here as well. There's nothing intrinsically unsuitable about the environment that precludes such
Re:What's MyDoom? (Score:3, Funny)
They post here on slashdot all the time. They tell you silly shit like iPods make great external hard drives, and work well as backup devices.
They talk about using Gentoo as a backend server, because all you have to do is put "emerge sync && emerge -u world" in your crontab and nothing will ever go wrong, and the -funroll-loops in your CFLAGS will make it unga bunga faster.
Re:What's MyDoom? (Score:2)
Heh, for some reason, that reminds me of someone in the LUG back at college who apparently was running Debian Testing and had apt-get update or whatever in his crontab.
He stopped that after some upgrade killed his shell. (Which, as I recall, was "also his window manager." Apparently he thought only having a single xterm in his .xinit made bash his window manager.)
tesing login: user
Password:
Segmentation fault: core dumped.
testing login: root
Password:
Segmentation fault: core dumped.
testing lo
Re:What's MyDoom? (Score:2)
"OSX users be sure to click the Mac attachment. Don't worry, there are no viruses for OSX so it's perfectly safe to click it. Linux users - you need to type a special command due to the super secret nature of the passwords and the fact the companies don't want us sending them to you - unzip the file then type "make"..."
Re:What's MyDoom? (Score:2)
LOL, you really think Aunt Mildred is going to do all that? No, she'll tell her nephew Jason "I don't understand what they are telling me to do", and Jason will take one look at it and tell her it's a stupid scam, and just to delete it.
So, lotsa luck, you go ahead and try to spread a worm through linux. But let's
Re:What's MyDoom? (Score:2)
Besides that I'm making a point - the user is the weakest link, regardless of what's in the message. If all that was attached was a windows batch file with "DEL *.*" in it, people would STILL click it, and others would STILL consider it a "virus".
Re:What's MyDoom? (Score:2)
At least with most distrobutions, a virus theoretically could only do so much with user-level access. Though I do remember reading a while ago that Lindows (now known as Linspire) had no root password or everything ran as root or something to that effect. I hope they have since changed that.
Why is spyware something that doesn't plague Gnu/Linux systems? A common argument (and somewhat valid) is that Gnu/
Re:not creative any more (Score:2)
The ironic thing would be that every single sentence in that mail would be true: Indeed, there's a new virus (right there in the mail, in fact). Of course the attachment contains the virus signature (as part of a complete, working virus).
Re:not creative any more (Score:2)
Re:Haven't had a problem (Score:2, Funny)
damn, you must be an alcoholic by now.
Re:It'll never work (Score:2)