Virus has had Vancouver school computers down for three weeks - so far

Macdailynews.com Vancouver Sun ^ | january 30, 2009 | Mary Frances Hill

[Swordmaker]

MacDonald said the school's Parent Advisory Council had paid for a computer lab with Macintosh machines, which haven't been affected.

;^)>

[Swordmaker]

MacDonald said the school's Parent Advisory Council had paid for a computer lab with Macintosh machines, which haven't been affected. PING!

Macs are secure Ping!

If you want on or off the Mac Ping List, Freepmail me.

[MediaMole]

Win32.Krap.b — what an appropriate name.

[Spktyr]

“Noel MacDonald, a Westside parent of an 11-year-old who attends Bayview elementary school, said many computers in his son’s school have been marked with a red dot, signifying that the machine is so old it wouldn’t be able to withstand the anti-virus program.”

So, they’re more than two years old and they’re trying to install McAfee products on them, then? :P

[DuncanWaring]

See! Even virus-writers don’t support Macs!

[Spktyr]

It’s not for lack of trying.

And the whole “there’s not enough Macs for them to go after” argument doesn’t work when people are writing viruses for cell phone operating systems with less than 200,000 possible victims. There are millions of Macs running OS X today.

As of yet, no successful OS X virus has ever been found in the wild. (Social engineering exploits do not count against ANY platform IMHO as the only OS that they need to succeed is the several million year old one between people’s ears.)

[mkjessup]

**** iSnob PING!!!! ****

[RSmithOpt]

I find it entertaining that the educated 'educators' in an entire school system don't have the combined intelligence to know how to isolate each work station to 'scrub' the virus. Also, I realize there's a little more to it to remove that virus from the server(s), but, shouldn't be that difficult to do it....geeze, no one in the Vancouver school system has an IT degree to help? Oppps. My bad.....24 days and nothing on...looks like a plea to scam more dough to upgrade. Why no AV on the systems to begin with?

I find such news entertaining....better that 'Everybody Loves Raymond' and 'Lost' combined..... heheheehehe.

[RSmithOpt]

Threat Report Info on This Trojan:

Looks like MS IE (plug-ins) is most susceptible for the trojan which is very malicious but doesn't seem to induce a high security risk:

Snippet and link to article if anyone is interested showing details for the bug:

o Submission received: 16 December 2008, 19:46:39

o Processing time: 5 min 38 sec

o Submitted sample:

+ File MD5: 0xDAD2CCF6919B794797B7E9C484A89A56

+ Filesize: 165,539 bytes

+ Alias:

# Trojan.Packed.NsAnti [Symantec]

# Packed.Win32.Krap.b [Kaspersky Lab]

# Generic PWS.ak [McAfee]

# Mal/Frethog-B [Sophos]

# PWS:Win32/Frethog.AJ [Microsoft]

# Trojan.Crypt.XPACK [Ikarus]

* Summary of the findings:

What's been found:

Downloads/requests other files from Internet. Modifies some system settings that may have negative impact on overall system security state.

Creates a startup registry entry.

Registers a 32-bit in-process server DLL.

Registers a Browser Helper Object (Microsoft's Internet Explorer plugin module).

Contains characteristics of an identified security risk.............

[ReignOfError]

(Social engineering exploits do not count against ANY platform IMHO as the only OS that they need to succeed is the several million year old one between people’s ears.)

One of my favorite notations on helpdesk reports: PEBCAK.
.
.
.
.
.
.
.
.
.
.
.
.
.
Problem Exists Between Chair And Keyboard.

[mkleesma]

Or even better, if they were running Ubuntu - it’s free and like Macs, no anti-virus is required.
And it’s free!

[Big Giant Head]

Or PICNIC “Problem In Chair, Not In Computer”. Heh.

I love Linux. Linux would’ve avoided this as well as a Mac, for no cost but those “IT” guys.

[BobL]

“Mohammad Akif, security and privacy lead at Microsoft Canada...”

And they’re wondering how the problem originated...

[allmost]

It's not a very virulent bug. The incompetence of the 'IT' personnel should be the headline. Some of these machines:

Noel MacDonald, a Westside parent of an 11-year-old who attends Bayview elementary school, said many computers in his son's school have been marked with a red dot, signifying that the machine is so old it wouldn't be able to withstand the anti-virus program.

If they can't afford new PCs I doubt they're going to go with Macs, unless this is an internal 'stunt'.

[AppyPappy]

You don’t need a Mac. Just load Linux.

[Tribune7]

If they can't afford new PCs I doubt they're going to go with Macs, unless this is an internal 'stunt'.

In that case Linux is the answer.

[allmost]

Linux would run great on those older boxes. They wouldn’t even need to upgrade the hardware in most cases. A simple, inexpensive solution.

[ShadowAce]

[KayEyeDoubleDee]

So, they’re more than two years old and they’re trying to install McAfee products on them, then? :P

A locked-down computer with automatic updates installed shouldn't need anti-virus software.

If they were all booting off a standard configuration, and if they didn't have local access to hardware [e.g. no ability to boot to floppy or boot to cd-rom] and if they had Active Directory [or Novell Directory Services] policies which locked down the access to the innards of the box, then none of this stuff could happen.

The very fact that staff had to physically visit each and every computer [instead of being able to remote-reinstall each computer] indicates to me that this was a haphazard, slipshod environment where a catastrophe was just waiting to happen.

[fanfan]