Free Republic

Feds to remotely delete Coreflood from infected PCs
Digital Trends ^ | April 27, 2011 | Geoff Duncan

Posted on 04/27/2011 2:45:41 PM PDT by decimon

In an unusual move, federal authorities will be contacting computer users with systems infected by the Coreflood botnet Trojan and asking them to agree to allow them to send commands to the malware so it will delete itself. The move comes in the wake of a coordinated takedown earlier this month by the FBI and other authorities, in which the U.S. government essentially substituted its own command-and-control servers in place of those used by Coreflood and issued commands telling the program to shut down on infected PCs. The move reduced activity from the Coreflood botnet by about 90 percent in the United States and by nearly 75 percent worldwide. However, infected PCs still have dormant Coreflood software on them, and the feds would like to get rid of it.

A U.S. District Judge approved the Department of Justice’s request for a preliminary injunction that authorizes the action, giving authorities until May 25 to contact owners of systems infected by Coreflood and obtain consent to remotely remove it from their machines. However, the DOJ actually argued it didn’t need a judge’s permission to move on its deletion campaign, since it will be seeking written consent from owners of infected systems before going through with the deletion.

(Excerpt) Read more at news.yahoo.com ...


TOPICS: Computers/Internet
KEYWORDS: beseeingyou; bigbrother; botnet; computers; coreflood; internet; malware; obamunism; snooping; trojan; virus; wiretapping

1 posted on 04/27/2011 2:45:43 PM PDT by decimon

To: ShadowAce

Creepy ping.


2 posted on 04/27/2011 2:46:32 PM PDT by decimon

To: decimon

Say what?!


3 posted on 04/27/2011 2:52:15 PM PDT by don-o (He will not share His glory; and He will NOT be mocked! Blessed be the name of the Lord forever.)

To: decimon

What is Coreflood?


4 posted on 04/27/2011 2:56:08 PM PDT by BenLurkin (This post is not a statement of fact. It is merely a personal opinion -- or humor -- or both)

To: decimon

Huh?

No freak’n way. If they have a command to disable/delete the damn thing, then PUBLISH IT!

But for all we know the code just tells it to send data to the Feds.


5 posted on 04/27/2011 2:56:13 PM PDT by AFreeBird

To: don-o

Just trying to get a nose inside the tent.

People can go to Microsoft, etc. and get the “removal software” if they wanted to distribute the fix that way.

This gives the gub’mint authority to get onboard.

Spyware never asks for permission. I heard once upon a time that even the White House website was adding tracking cookies.

Incrementalism. Getting there one inch at a time.


6 posted on 04/27/2011 2:56:38 PM PDT by a fool in paradise (The biggest waste of brainpower is to want to change something that's not changeable. -Albert Brooks)

To: a fool in paradise

But it’s for your own good.

Trust us, we’re from the government.


7 posted on 04/27/2011 3:00:47 PM PDT by cripplecreek (Remember the River Raisin! (look it up))

To: don-o
Say what?!

You can read more about it here: http://news.yahoo.com/s/afp/20110413/tc_afp/usitcrimecomputersecurityinternetcoreflood

I'm glad the feds are going after the crooks but it looks like a new line has been crossed here.

8 posted on 04/27/2011 3:01:42 PM PDT by decimon

To: decimon

Is this just on Microsoft OSes?


9 posted on 04/27/2011 3:04:04 PM PDT by dfwgator

To: cripplecreek

What’s all this about seeking written consent? How many/few people are affected and where does the government plan on contacting them in writing?

I just went to CNET and found a McAfee “stinger” executable that is a free download (and suggested NOT to be a replacement for continuing virus scanning software) to remove Coreflood and other known viruses.

Symantec also grades the threat as low (not sure if that’s just because for now the servers are down).

http://www.symantec.com/security_response/writeup.jsp?docid=2002-112912-2439-99


10 posted on 04/27/2011 3:05:22 PM PDT by a fool in paradise (The biggest waste of brainpower is to want to change something that's not changeable. -Albert Brooks)

To: BenLurkin
What is Coreflood?

It's malware that steals passwords to access and raid bank accounts. Worse, it's a botnet.

From Wikipedia: "A botnet is a collection of infected computers or bots that have been taken over by hackers and are used to perform malicious tasks or functions."

11 posted on 04/27/2011 3:07:18 PM PDT by decimon

To: decimon

Sounds kind of sneaky.


12 posted on 04/27/2011 3:12:11 PM PDT by freekitty (Give me back my conservative vote; then find me a real conservative to vote for)

To: dfwgator
Is this just on Microsoft OSes?

It seems so.

13 posted on 04/27/2011 3:17:34 PM PDT by decimon
