Do Anti-Virus Companies Love Viruses?

Are anti-virus companies behind the viruses? Avecho, Britain’s ‘complete worry-free mail service’, reckons “the world needs to wake up to the fact that the anti-virus industry is not an anti-virus industry, it is a definition-selling industry and they just love these viruses. The more afraid you are, the more money you spend with them.” This problem is solvable, quickly, according to avecho. It points to avecho’s own ThreatCENSOR, which “applies a wonderful, simple piece of logic which has stopped MiMail, SoBig, MyDoom and all variations of Bagel and NetSky. It is not rocket science, it is simple and fool-proof. It is based upon the reality…

The Bagle Worm

I’m getting quite a few warnings about a new worm called Bagle, so I thought I’d pass them along. MessageLabs, an email security company, says it’s currently spreading at an alarming rate. The first copy of the worm was intercepted from Germany, and at the moment the majority of copies are being captured as they are sent from Australia. It seems to have several bits to it: The worm arrives as an attachment to an email with the subject line ‘Hi’ and has a random filename, with a .exe extension. W32/Bagle-mm searches the infected machine for email addresses and then uses its own SMTP engine…

Happy Birthday, SoBig

A press release from email security folks MessageLabs points out that tomorrow is the first anniversary of the SoBig.A worm’s debut. SoBig.A (the A bit means it was the first of a stream of worms that were somehow based on the SoBig worm) wasn’t just any kind of worm, MessageLabs point out. SoBig.A was unique in being the first virus to use convergence techniques to create maximum havoc. Basically this means SoBig.A didn’t just do one thing. It incorporated both spamming and virus writing techniques — infecting hundreds of thousands of computers worldwide, installing open proxies on compromised machines, which were then used to disseminate…

The Year Of The Worm

Nothing new in this, but a fascinating summary of this year’s viruses, and a sober reminder of how tricky it’s all getting: F-Secure’s review of 2003 makes for interesting reading. This for example, on how the Slammer worm caused so much network traffic: In theory, there are some 4 billion public IP addresses on the Internet. The Slammer worm was released on January 25, 2003 around 04:31 UTC. By 04:45 it had scanned through all Internet addresses – in less than 15 minutes! This operation can be compared to an automatic system dialing all available phone numbers in the world in 15 minutes. As on…

News: Wanted, Dead Or Alive: Virus Writers

Microsoft is a mite upset, and is offering $500,000 reward to inform on the virus writers responsible for the Blaster and Sobig worms. (In August, if you recall, the Blaster-A worm infected many unprotected home and business computers, attempted to launch a denial of service attack against a critical Microsoft security update website, and, most importantly, mocked Microsoft chairman Bill Gates. The worm exploited a critical security hole in versions of Microsoft Windows. Just days later the Sobig-F worm, which spread on the Windows platform, bombarded email users around the world, clogging up email servers.) Sophos, the anti-virus people, had this to say: “It’s no…

Update: More On The Spiral of Evil

Spammers may be using viruses to attack their enemies. Further to my column on how virus writers and spammers may be in cahoots to deliver spam, The Register reports that anti-spam activists have produced fresh evidence that recent assaults — called Distributed Denial of Service attacks, or DDoS — on their websites have been enabled by the infamous Sobig worm. Two anti-spam services, Monkeys.com and the Compu.Net “block list”, have already closed in the past week. Spamhaus has been under constant “extremely heavy” DDoS attack since early July, and they believe the attack against his site and others originates from Windows machines infected with…

Update: It Isn’t Over Until The Fat Lady Starts Writing Viruses

Fridrik Skulason’s open letter draws attention to another point: that while Sobig.F was scheduled to die out on Sept. 10, we might just have been lucky this time. He compares the two recent attacks — Sobig and Blaster — and concludes that if the guy or guys who write the next version of Sobig look closely, they may combine the two and create a real monster: “With Sobig.F scheduled to die out today, Sept. 10th, the problem might go away for a while – until the next similar worm appears. And this is the scary part. Sobig.F didn’t really infect that many machines world-wide, maybe…

I’m Not Saying Worms Are A Good Idea But…

One small consolation of worms like Sobig is that you end up having a large number of inadvertent penpals. It’s like a huge chainletter. Sobig ransacks address books and fires off emails to all and sundry, along with the worm (which then does lots of damage, I’m not contesting). While I don’t condone the activities of silly anti-virus vendors who haven’t figured out that worms like Sobig fake the sender of emails (see my earlier posting on this) — making the sending of automated emails to the apparent senders of worms an absurd and self-defeating endeavour — it’s kinda interesting to get emails from…

Update: The Sleazy Side Of Virus-Stopping

Further evidence of viruses being turned into advertising spam: MailWatch kindly informed me that a message sent in my name had SoBig F aboard: “MailWatch has scanned your e-mail message and determined it can not be delivered as originally sent,” the message says. As I’ve pointed out earlier, just because a virus appears to be from the sender, doesn’t mean it is. You’d think MailWatch, being in the business, would know this. The email then goes on to say that “MailWatch can help you avoid these problems in the future by scanning your e-mail for viruses, Spam and objectionable content. Visit http://www.MailWatch.com to read about the…

Copyright © 2020 loose wire blog. All Rights Reserved.