The Penguin Ping.
Wanna be Penguified? Just holla!
Got root?
Posted on 01/26/2004 5:45:19 PM PST by Golden Eagle
New virus infects PCs, whacks SCO
By Robert Lemos
update A mass-mailing virus that quickly spread around the Internet on Monday is compromising computers so they attack the SCO Group's Web server with a flood of data, according to antivirus companies.
The virus--known as MyDoom, Novarg and as a variant of the Mimail virus by different antivirus companies--arrives in an in-box with one of several different random subject lines such as "Mail Delivery System," "Test" or "Mail Transaction Failed." The body of the e-mail contains an executable file and a statement such as: "The message contains Unicode characters and has been sent as a binary attachment."
"It's huge," said Vincent Gullotto, a vice president in security software maker Network Associates' antivirus emergency response team. "We have it as a high-risk outbreak."
In one hour, Network Associates itself received 19,500 e-mails bearing the virus from 3,400 unique Internet addresses, Gullotto said. One large telecommunications company has already shut down its e-mail gateway to stop the virus.
Once the virus infects a PC, it installs a program that allows the computer to be controlled remotely. The PC then starts sending data to the SCO Group's Web server, a Symantec spokesman said.
The SCO Group has incurred the wrath of the Linux community for its claims that important pieces of the open-source operating system are covered by SCO's Unix copyrights. IBM, Novell and other Linux backers strongly dispute the claims.
SCO technicians couldn't immediately confirm that a denial-of-service attack had begun. By 4 p.m. PST, the company's Web site was slow to load, a SCO spokesperson acknowledged, but the site was still accessible from the World Wide Web.
SCO's Web site was taken offline by such denial-of-service attacks a handful of times in the last year. In the past, the company has blamed Linux sympathizers for at least one of the attacks.
Antivirus companies were scrambling on Monday afternoon to learn more about the virus, which started spreading about noon PST.
"A lot of the information is encrypted, so we have to decrypt it," said Sharon Ruckman, a senior director in antivirus software maker Symantec's security response center. Symantec has had about 40 reports of the virus in the first hour, a high rate of submission, Ruckman said.
Designed by hackers with a specific purpose in mind, to destroy a US company's website. Likely designed by foreigners, and definitely a proponent of Linux. But it's all Microsoft's fault you say?
I almost agree. What bothers me almost as much is the crowd that defends the hackers, and wants to place the blame on the software vendors instead. No different than blaming gun manufacturers for crimes commited with guns.
Wanna be Penguified? Just holla!
Got root?
What makes you say that?
It's possible you're right, but I wouldn't say definitely...
Microsoft is responsible for making such a thing even possible. This problem was solved technologically a LONG time ago, and it is a relatively trivial matter to sandbox these things. Sandboxing both in theory and practice has widely varying support depending on the OS, but Windows is one of the worst, hence why it is so easily exploited for these purposes.
Their excuse for such a marginal design security-wise is backward compatibility. Which I guess makes some sense, but I'd rather use an OS that does a much better job of isolating stupidity like email viruses.
Ok, make an argument it wasn't.
YOU are the one with the claim on the table.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.