Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Korean DDoS Bots To Self-Destruct

timothy posted more than 5 years ago | from the someone-needs-a-little-hanging-before-bed dept.

501

tsu doh nimh writes "Several news sources are reporting that the tens of thousands of Microsoft Windows systems infected with the Mydoom worm and being used in an ongoing denial of service attack against US and S. Korean government Web sites will likely have their hard drives wiped of data come Friday. From The Washington Post's Security Fix blog, the malware is 'designed to download a payload from a set of Web servers. Included in that payload is a Trojan horse program that overwrites the data on the hard drive with a message that reads "memory of the independence day," followed by as many "u" characters as it takes to write over every sector of every physical drive attached to the compromised system.' ChannelNews Asia carries similar information."

Sorry! There are no comments related to the filter you selected.

Final code (1, Funny)

Anonymous Coward | more than 5 years ago | (#28646269)

0 0 0 Destruct 0

first post.. (4, Funny)

stillpixel (1575443) | more than 5 years ago | (#28646275)

Good day to be a linux/mac user eh? In South Korea the worm eats your data.. doh!

Re:first post.. (5, Funny)

Fulcrum of Evil (560260) | more than 5 years ago | (#28646407)

since all south korean online banking is done with windows computers, friday will seriously suck.

And something of value was gained? (5, Insightful)

AliasMarlowe (1042386) | more than 5 years ago | (#28646783)

Bots and other malware that do no appreciable harm to their hosts have made users complacent about keeping their systems clean (or preferably secure). In the meantime, the collateral damage of spamfloods, spyware, and DDOS attacks has been inflicted on the whole community. An exemplary episode in which the infected machines actually suffer may wake users up again. Windows users are, as usual, the witless accomplices/culprits in this case, but Macs can be just as easily penetrated (demonstrated in the hackfests each year), and poorly administered Linux/BSD/Solaris systems can also be vulnerable.
Let the vendors of protective measures celebrate! Sales of anti-virus, anti-spyware, anti-rootkit, firewalls, and so forth may benefit. The publicity may even cause some security holes to be patched, and better practices to become default. Maybe the rest of us will benefit...

Apple viral marketing campaign (5, Funny)

mokeyboy (585139) | more than 5 years ago | (#28646279)

Its all a plot to make people buy Mac

Re:Apple viral marketing campaign (5, Insightful)

evilviper (135110) | more than 5 years ago | (#28646585)

Actually, it CLEARLY is a plot. It should be pretty obvious to everyone...

It was designed to attack less important government websites, while keeping collateral damage to a minimum... No attempts on the power grid, FAA, etc., and no private companies affected.

Joe Lieberman went up before a room full of press and cameras and said, (roughly) "If this was someone sending us a message, we got it loud and clear."

Plus, it launched on July 4th, not a particularly significant day for North Koreans... And while anybody could look it up, who here can say they know the dates of big Chinese holidays? Really?

And now, it's doing exactly what good worms NEVER do... Killing their hosts, and themselves, suddenly, flagrantly, and unnecessarily. Exactly what any of us would wish to do with zombie PCs.

So, it seems pretty damn likely it was in fact anti-malicious. Some misguided white-hat who thinks drawing attention and cause a small bit of undeniable pain is the only way to make things get better. Frankly, it sounds like the ideal NSA fund raiser...

Re:Apple viral marketing campaign (4, Insightful)

Opportunist (166417) | more than 5 years ago | (#28646747)

It sounds more like the destruction of evidence. But then again, why'd I want to do that if I was already identified as the culprit? What could I gain? If anything, I'd want the attack to continue indefinitly, even after I've been wiped out, so to maximize the damage to my enemy even if I should not survive it.

To anyone playing chess: If you can't save your queen, make sure you can trade it for his.

U ? (4, Funny)

clang_jangle (975789) | more than 5 years ago | (#28646285)

Trojan horse program that overwrites the data on the hard drive with a message that reads "memory of the independence day," followed by as many "u" characters as it takes to write over every sector of every physical drive attached to the compromised system

Wow, and I thought only 0 and 1 could actually be written to the hard drive.

Re:U ? (5, Funny)

JorDan Clock (664877) | more than 5 years ago | (#28646307)

That's why this is newsworthy.

Re:U ? (5, Insightful)

Anonymous Coward | more than 5 years ago | (#28646327)

u in binary (yeah, I know what you meant):
1010 0101

I would have expected
0101 0101
which is "U"
(or 1010 1010, but that doesn't seem to be a nice ASCII character I can type)
Hmm, maybe it is a capitalization error on someones part, or maybe they just like the palindromic nature of 1010 0101?

Re:U ? (5, Informative)

broken_chaos (1188549) | more than 5 years ago | (#28646343)

I wouldn't expect either of the linked articles to know binary. It probably is "U", meaning just a repeating 010101010101010101........ Makes the most sense given the structure of hard drives and the fact that a repeated sequence of "u" after "memory of the independence day" (assuming that comma is also not part of it) makes no sense from any point of view.

Welcome to my world! (1)

siloko (1133863) | more than 5 years ago | (#28646463)

that a repeated sequence of "u" after "memory of the independence day" ...... makes no sense from any point of view.

memory of the independence day UUUUUUUUUUUUUUUUUUUUUUUUUUU mofo for even thinking about reminding me of that film
memory of the independence day UUUUUUUUUUUUUUUUUUUUUUUUUUU lost
memory of the independence day UUUUUUUUUUUUUUUUUUUUUUUUUUU won
memory of the independence day UUUUUUUUUUUUUUUUUUUUUUUUUUU can have a statue
memory of the independence day UUUUUUUUUUUUUUUUUUUUUUUUUUU must be joking, I was pissed as a newt!
memory of the independence day UUUUUUUUUUUUUUUUUUUUUUUUUUU look cute as a panda

well, maybe not the last one . . .

Re:U ? (1)

RealGrouchy (943109) | more than 5 years ago | (#28646575)

No, I think it's a ternary system, using the digits 1, 0, and U. Also known as "L33T debtor code" ;-)

- RG>

Re:U ? (5, Informative)

Anonymous Coward | more than 5 years ago | (#28646491)

.... "u" in ASCII, represented in binary is 0111 0101, not 1010 0101. "U" is 0101 0101, as you said though.

Re:U ? (1)

noundi (1044080) | more than 5 years ago | (#28646711)

I would have expected
0101 0101
which is "U"

But... why? It's not like U nor u makes sense. Seems pretty random to me.

If you are stupid enough to run MS ... (-1, Troll)

HW_Hack (1031622) | more than 5 years ago | (#28646287)

then OS stands for "Oh Shit"

Really that bad of a thing? (5, Insightful)

Immostlyharmless (1311531) | more than 5 years ago | (#28646291)

You have to imagine if these computers are all infected with this one trojan, they are probably infected with god only knows how much other spyware, malware, backdoors, and spambots. This might just be a GOOD thing; when these compromised twits wake up to a completely wiped drive, it might be the thing that drives them to read up on computer security a little bit, perhaps switch to a more secure browser, buy a router with a hardware firewall, etc. Not to mention, it will also wipe out all the aforementioned crapware.

Re:Really that bad of a thing? (4, Insightful)

tsa (15680) | more than 5 years ago | (#28646301)

Forget it. They will just buy a new computer because their old one is 'broken.'

Re:Really that bad of a thing? (4, Insightful)

mlts (1038732) | more than 5 years ago | (#28646633)

This reminds me of the '90s and MS-DOS viruses. At first, people didn't care because stuff like Brain, et al. were annoying but not malicious. Then came more and more destructive variants. Once BIOSes started getting zapped, people started making sure that they downloaded from a clean source and used AV protection.

Times are similar now. Malware used to be annoying because it was fairly crappy code that bogged down a machine. These days, because malware has matured to the point where a user doesn't even know it is present on a system, they tend not to care. Such as the attitude of "I'll do what I want on my computer, if I get my machine slowed down, Geek Squad will fix it for me". If something malicious software bit them, wiping everything on a widespread basis, it might spur Joe Sixpack into not using IE with all settings set to "Low" because the pr0n sites don't complain that way.

However, having a lot of clueless users get their data zapped this isn't a good thing overall. A lot of them will not do a thing for their own security. Instead, they will beg the lawmakers to do something, and feel good (or more aptly, feel "secure") legislative solutions rarely address international problems. Lots of bad things can happen down this path, from mandated "security" software to be on machines, to efforts to make PCs closed appliances like video game consoles.

Re:Really that bad of a thing? (1)

Opportunist (166417) | more than 5 years ago | (#28646755)

And that's good for our struggling economy, while you might get a perfectly good PC cheaply from the used PC market. Why are you complaining?

Re:Really that bad of a thing? (1)

elvum (9344) | more than 5 years ago | (#28646791)

So this is an economic stimulus plan?

+1 Insightful (4, Insightful)

zooblethorpe (686757) | more than 5 years ago | (#28646309)

This might just be a GOOD thing; when these compromised twits wake up to a completely wiped drive, it might be the thing that drives them to read up on computer security a little bit, perhaps switch to a more secure browser, buy a router with a hardware firewall, etc. Not to mention, it will also wipe out all the aforementioned crapware.

Precisely my thought on reading the summary -- good riddance to some severely compromised systems on the one hand, and on the other, I sincerely hope the users gain a clue.

Getting hit with the clue bat hurts. Otherwise, folks tend not to remember.

Cheers,

Re:+1 Insightful (0)

Anonymous Coward | more than 5 years ago | (#28646631)

Yes, yay. Let's Friday away.

I seriously agree - this could be an excellent learning opportunity for thousands of idiot users who refuse to take security seriously. Think of it: anew era dawns. Spam drops, malware's spread slows and doesn't pay anymore (so they stop). Ahhh...

Re:+1 Insightful (5, Interesting)

religious freak (1005821) | more than 5 years ago | (#28646669)

Who wants to take odds that a malware author will act to save these machines? It's not an impossibility - who would want to potentially lose many thousand boxes when you could just push a fix down to the machines? These machines are assets in the malware authors' "business".

It'll be interesting to watch. If it happens, it'll be kind of like a geek version of spy vs spy.

FFS (1, Insightful)

Psychotria (953670) | more than 5 years ago | (#28646743)

Why don't YOU get a clue? Punishing the user of an insecure OS will not do a damn thing. It will not do a damn thing to increase security. There will just be lots of people who are fucking upset because they lost a whole heaps of important files or memories (e.g. photos). It is not THEIR fault that windows is so fucked up (is it)? So, why do you take delight in them losing their data?

So, I hit YOU with you so called "clue bat" and I hope your meagre brain manages to parse it. I hope you remember this.

Cheers,

Re:Really that bad of a thing? (5, Insightful)

Patrik_AKA_RedX (624423) | more than 5 years ago | (#28646323)

More likly they'll complain their kid's game broke their computer, buy a new one and continue punching the monkey.

Re:Really that bad of a thing? (5, Funny)

Anonymous Coward | more than 5 years ago | (#28646381)

More likly they'll complain their kid's game broke their computer, buy a new one and continue spanking the monkey.

There, fixed that for you.

Re:Really that bad of a thing? (1, Insightful)

HockeyPuck (141947) | more than 5 years ago | (#28646335)

You have to imagine if these computers are all infected with this one trojan, they are probably infected with god only knows how much other spyware, malware, backdoors, and spambots. This might just be a GOOD thing; when my friends and family wake up to a completely wiped drive, it might be the thing that drives my 89yr old grandmother to read up on computer security a little bit, perhaps switch to a more secure browser, buy a router with a hardware firewall, etc. Not to mention, it will also wipe out all of their pictures, tax returns, email and other important documents.

There fixed that for you.

Why don't you just wish them to total their car so that they can be forced to buy a newer, more fuel efficient car.

Re:Really that bad of a thing? (1, Funny)

Anonymous Coward | more than 5 years ago | (#28646415)

Well, fuck you and your grandma. My grandma runs Linux, and so could yours, but nooooo, she decided to learn it the hard way.

Re:Really that bad of a thing? (1)

noundi (1044080) | more than 5 years ago | (#28646721)

My grandma isn't bionic yet, but we're working on it.

Re:Really that bad of a thing? (1)

Volante3192 (953645) | more than 5 years ago | (#28646479)

Why don't you just wish them to total their car so that they can be forced to buy a newer, more fuel efficient car.

It's more like watching them make the engine explode in flames because they never changed the oil in 80,000 miles.

There's unavoidable mechanical failure and then there's not keeping up on maintenance. The former is forgivable, despite being annoying. The latter drives me to wreak havoc on my liver.

Re:Really that bad of a thing? (1)

G33kGuy (1152863) | more than 5 years ago | (#28646665)

It's more like watching them make the engine explode in flames because they never changed the oil in 80,000 miles.

Its more likely that the engine would just seize and stop.

Re:Really that bad of a thing? (1)

rtfa-troll (1340807) | more than 5 years ago | (#28646539)

of their pictures, tax returns, email and other important documents.

If they have proper backups they will only have a small amount wiped out. If they don't have proper backups then there is only one way to learn to do proper backups. That's to have everything wiped. Right now we are beginning to build seriously important stuff on quicksand. There will be more of this and if it's as small as it sounds (a few 10s of Ks of computers is nothing) then we should be happy.

Hardly Good At All (1)

bazald (886779) | more than 5 years ago | (#28646579)

Thanks for posting. I honestly cannot understand the nasty comments coming from some other people in this thread. A few people making a joke is one thing, but to have dozens of Slashdotters honestly describing this situation as good is rather bizarre.

Even if learning the hard way is the only way for some people, that doesn't mean we have to have no compassion for them.

Re:Hardly Good At All (0)

Anonymous Coward | more than 5 years ago | (#28646745)

Even if learning the hard way is the only way for some people, that doesn't mean we have to have no compassion for them.

Don't forget that we "the geeks" have been feeling their pain for years and they never cared when they were told. Well, now they are being shown the pain and you expect us to care?

Re:Really that bad of a thing? (0, Offtopic)

EdIII (1114411) | more than 5 years ago | (#28646749)

You have to imagine if these computers are all infected with this one trojan, they are probably infected with god only knows how much other spyware, malware, backdoors, and spambots. This might just be a GOOD thing; when my friends and family wake up to a completely wiped drive, it might be the thing that drives my 89yr old grandmother to read up on computer security a little bit, perhaps switch to a more secure browser, buy a router with a hardware firewall, etc. Not to mention, it will also wipe out all of their pictures, tax returns, email and other important documents.

There fixed that for you.

Why don't you just wish them to total their car so that they can be forced to buy a newer, more fuel efficient car.

I wish that every single day. There is nothing more I hate then to be behind some pos car throwing out noxious fumes in traffic. Most of them have faked smog reports, because lets face it, there is no WAY some of those cars can pass a smog check. I know of plenty of mechanic friends in the past that would look the other way for 40$. Some of then even feel bad for these people since they can't afford to actually fix the car and get it passing a smog check, and will be seriously harmed if they don't have a car to get to work. 4 kids, barely making it, you know the sad story.

I do understand the emotion and compassion that you are trying to convey. It is misplaced. If you want to keep with the car analogy, these people that are driving a total POS are:

1) Polluting our air.
2) Dinging our cars in the parking lot, because they don't care. Primer is good enough for them, it should be good enough for us.
3) Stealing our gas when they get five seconds alone with our car.
4) Using the streets as their own personal wastebasket for cigarette butts, happy meal boxes, and bubble gum.
5) Loaning out their car on demand to complete losers that use it for drive by's to kill 9 year olds, rape 89 year old women, and steal lollipops from little kids.

Sounds harsh I know, but people that have infected unsecured computer systems are doing exactly that on the Internet. They are the reason why system administrators have to fight so damn hard to get rid of spam. Why we need redundant and expensive systems to cope with DDOS attacks. Why it so hard to track down the real people behind these actions.

I do feel for these people, and I even know people that have lost considerable amounts of personal data due to this bullshit. It's sad, really sad. However, the Internet and the rest of us are better off, when they finally get FOOBARd'. Otherwise, we have to wish for them to continue doing exactly what they are doing while probably being:

1) Ultimately harmed themselves more than the loss of data could ever do. Identity theft, stolen money from bank accounts, fraud, etc.
2) Used to do the same to others.
3) To compromise businesses for considerably more amounts of money.

If it takes their complete destruction to open their eyes to possibility they at least need to find somebody to help with their own security, or handle their own, it may be worth doing so. Your compassion, while understandable and admirable, is really just wishing to keep the status quo in their little world, as if they are not being harmed already.

Every child has to fall and scrape their knees when finally learning to walk and run. It's just part of life and growing up.

Re:Really that bad of a thing? (4, Interesting)

rodgster (671476) | more than 5 years ago | (#28646385)

hhhmmm

I wonder if the backbone network admins are going to block access to that "set of web servers" or just let nature take it course.

Re:Really that bad of a thing? (1)

rastilin (752802) | more than 5 years ago | (#28646481)

This sounds like an excellent opportunity four a counter-hack. If you follow the chain of computers back to the source, won't it end up in the opponent's critical systems? By placing a backdoor in the target, we would be able to study their technique and objectives.

Re:Really that bad of a thing? (4, Interesting)

rtfa-troll (1340807) | more than 5 years ago | (#28646581)

This sounds like an excellent opportunity four a counter-hack.

no

If you follow the chain of computers back to the source, won't it end up in the opponent's critical systems?

likely not.

The people behind this are probably reasonably good at what they are doing. Most likely it will at best lead to a compromised host which is being controlled remotely. Very likely the loss of the actual original control system where the bot herder is sitting would not be a big deal. Probably there will be one or more levels where you will go through a P2P network which doesn't make it clear at all where the commands are coming from. The only way to be absolutely sure is to actually raid the physical location where the bot control is coming from and catch the guy at his keyboard.

Having said that, counter-hacking might be a useful investigative technique. If it was legal.

Re:Really that bad of a thing? (1)

rastilin (752802) | more than 5 years ago | (#28646675)

Having said that, counter-hacking might be a useful investigative technique. If it was legal.

Since the pundits are saying that it could be a foreign government, and that the attackers struck at military targets; legality is less applicable that it would normally be.

Or to put it another way. If you were assaulted in the street by someone, the police would deal with it. If the Argentinian government sent a spy to assault you in the street. It's no longer a police matter.

Most likely it will at best lead to a compromised host which is being controlled remotely. Very likely the loss of the actual original control system where the bot herder is sitting would not be a big deal.

Even failure will reveal useful information about the opponent's capabilities. Before it was just posturing but if it is the NKs then this is the first time that they have hindered a foreign government. Information about them would be really useful about now.

It's worse than you think (3, Interesting)

Anonymous Coward | more than 5 years ago | (#28646419)

NO.

In fact the S. Korean government is publically saying that North Korea is to suspect, along with some "pro-North" factions in South Korea.

Or, in terms you are more familiar with: "OMG! TEH TERRORISTS! WHERE IS NATIONAL SECURITY?"

This will be an opportunity for the current government to distract people from their having put our nation into a pile of horseshit, and to round up some anti-government people for being "pro-North" and "hating freedom." Well, yes, *some* of them may be crazy enough to be pro-North, but many will be just innocent citizens who just can't stand any more crap from our current president.

Sounds familiar? Heh.

Re:Really that bad of a thing? (5, Insightful)

clarkkent09 (1104833) | more than 5 years ago | (#28646465)

This seems to be a popular view here on slashdot but it ignores the fact that 90% of the computer users neither understand nor should have to understand a single bit of what the hell you are talking about. It should be considered a failure of the part of the computer industry to be making products that are incapable of being used for storing important data without expert level knowledge on how to secure it. We in that industry should start admitting that the issue is our fault instead of calling people twits for not knowing what a "router with a hardware firewall" is. Oh, and you can blame MS all you want but the truth is that Linux, if as widely adopted and used by ordinary computer illiterate users, and as targeted by the malware writers as Windows is, wouldn't be a whole lot batter.

Re:Really that bad of a thing? (1)

Lennie (16154) | more than 5 years ago | (#28646589)

It should be considered a failure of the part of the computer industry I'm sorry, but no1 wants to take that responsability, not even Microsoft unfortunately.

And on the Linux-situation, if Linux is better, it might have been able to prevent anything else but the user home-directory being destroyed.

Also I've not seen any unpatched Linux desktops (not including the stupid distributions which were on the first Netbooks).

Re:Really that bad of a thing? (2, Insightful)

Anonymous Coward | more than 5 years ago | (#28646649)

You, Sir, have said something far too sensible for the Windows hating command-line lovers here to appreciate. They will no doubt vote you off their island of Windows mockery.

I agree with the parent about the blame game - and I can't see that having thousands of important computer systems blown away in an instant is in any way a good thing, no matter what operating system they're using. Love or hate any vendor or software development methodology as much as you like, but it's the complete ASSHOLES that make this security compromising shit we have to deal with that should be the targets of your mockey.

Unless you're chicken.

Which you probably are.

Else you'd run said insecure operating system just to live dangerously.

Ahhhh! Seriously, this argument about MS vs Linux vs whatever is getting more lame by each post in each story. It's about as lame as the Flash vs blah blah blah it's SOOO BORING I can't even write about it any more debates. There are different operating systems currently available that are guided by different principles and philosophies. Choose one (or more). Use it (or them). Then get over yourselves when the one(s) you use don't have the same market share as another one, or whatever the pissing contest de jour is.

And, if you think that a bunch of very smart people in Redmond aren't concerned with security then you're just extremely blinded and foolish. News flash, homeslice, Debian Woody users aren't the only ones in the world that care about keeping their systems secure.

post anonymously: check
upgrade antivirus that I don't run anyway: check
(because it makes everything run real slow: cheeeck)
offer erect single finger to virus-writers everywhere: check
offer the same to endless whinging about Microsoft: CHECK
wish for Amiga to triumphantly return: check (just for kicks to see if anyone's still reading)

Re:Really that bad of a thing? (1)

mwvdlee (775178) | more than 5 years ago | (#28646593)

Here's to hoping your and our anti-virus software was good enough to block this one.

Re:Really that bad of a thing? (0)

Anonymous Coward | more than 5 years ago | (#28646651)

"They Shoot Horses, Don't They? [wikipedia.org] " is a movie in which the lead character points out that horse with broken legs are shot since they can't be fixed, and that the same should apply to irreparably damaged humans. Seems to me that wiping the hard drive of an irreparably compromised PC is the best thing one can do. And since an unprotected Windows PC is usually compromised within a couple of minutes of being connected to the Internet, maybe the definition of "irreparably compromised" should include the case "comes with Windows pre-installed". Not that we necessarily have to do much to fix this problem, Microsoft and the malware industry seem to be getting there under their own steam.

Yay? (2, Insightful)

ThrowAwaySociety (1351793) | more than 5 years ago | (#28646303)

At least this way they'll get cleaned up and (possibly) patched, right?

Compare it with biological malware. Ebola causes more damage than AIDS, but it's less of a concern, because it kills the host dead pretty quickly. AIDS causes more havoc, because the host survives for such a long time.

Re:Yay? (1)

jd (1658) | more than 5 years ago | (#28646647)

I'm not convinced these machines will, but the pain suffered when they are erased so publicly might result in greater investment in security.

On the other hand, users and corporations alike often rely on the "many targets, few victims" principle that says that it's only other people who are likely to be hurt.

Sad to say, short of Governments imposing minimum standards for IT security (just the same as they impose minimum standards for car safety in many countries), the best hope might actually be a major disaster, as ironic as that sounds. Sometimes, burned hands really do learn the best, as much as I hate that line of thinking.

good... (2, Insightful)

advocate_one (662832) | more than 5 years ago | (#28646305)

about time windows boxes self destructed... people might start to question windows security issues more if their boxes died rather than just slowed down...

Re:good... (3, Insightful)

DeadDecoy (877617) | more than 5 years ago | (#28646317)

If we're lucky. Odds are MS will use this as an opportunity and say: See why you need Win7? Upgrade now for the measly price of 99.99$.

Re:good... (1)

Lennie (16154) | more than 5 years ago | (#28646605)

Not only that, people will just buy a new computer if they are really stupid and it will just be an other sale for Microsoft, then again this was asia...

Re:good... (0)

rastilin (752802) | more than 5 years ago | (#28646541)

about time windows boxes self destructed... people might start to question windows security issues more if their boxes died rather than just slowed down...

Now I for one am GLAD that Linux users care so deeply about the suffering of others. It's posts like this that led me to believe that Linux propagation is less about improving the world's computer safety and more about showing everyone up.

I could be wrong but I was led to believe that there's already a patch for this exploit, so it's not Microsoft's fault except in that they didn't force people to patch against their will.

Re:good... (0)

Anonymous Coward | more than 5 years ago | (#28646739)

It's not that we don't care. We care deeply. But these users have been told - again and again and again - that Windows is insecure, to run anti-virus software and keep their systems up-to-date, and make regular backups. Linux people tell them they should run linux, not Windows. Mainstream media tells people to run anti-virus software and patch their systems. Everybody tells people to back up their stuff. Now they choose not to do any of that, and wilfully pollute the Net with their infected computers, and we're supposed to feel empathy?

Re:good... (1)

Arancaytar (966377) | more than 5 years ago | (#28646779)

If their so-called "security patches" didn't contain anti-competitor tricks (changing default settings from FF to IE, Google to Bing, etc.), "anti-piracy" trojans and other crap so often, then their users might have more motivation to install the patches. Me, I stopped running the updater when IE7 came out, and spent the rest of my time on Windows figuring out how to migrate (now using Ubuntu).

Re:good... (1)

rastilin (752802) | more than 5 years ago | (#28646799)

If their so-called "security patches" didn't contain anti-competitor tricks (changing default settings from FF to IE, Google to Bing, etc.), "anti-piracy" trojans and other crap so often, then their users might have more motivation to install the patches. Me, I stopped running the updater when IE7 came out, and spent the rest of my time on Windows figuring out how to migrate (now using Ubuntu).

Yeah you have to wonder what they were thinking when they made the judgment call to start changing defaults. But I doubt most users consider this when deciding to patch.

Re:good... (2, Interesting)

Fatal67 (244371) | more than 5 years ago | (#28646679)

And if they all switch over to unix, you'd just have a bunch of clueless unix users. Except now, you'd have enough users for them to actually bother writing malware for it.

Be careful what you wish for.

Omg, think of the pr0n (0)

linzeal (197905) | more than 5 years ago | (#28646313)

If you overwrote a random 50k computers what would you lose besides the ubiquitous personal photos, porn (some of which might be included in the former) and some game saves? Anyone that is at all concerned for the posterity and the permanency of their ideas/data should of been doing backups as soon as they could afford them. There is really no excuse with ubiquitous free and cheap online backup options and SD cards, cheap desktop RAID and even printing if you can mange a paper file system off site. I have no sympathy anymore for people who lose years worth of data with a single point of failure; and, neither should you.

Re:Omg, think of the pr0n (4, Insightful)

Patrik_AKA_RedX (624423) | more than 5 years ago | (#28646353)

Let's hope the guy who's good at curing cancer is also good at making backups...

Seriously. It overrides every attached HD. How well does a RAID stand up to that in terms of data protection? Or an attached USB HD?

Re:Omg, think of the pr0n (0)

Anonymous Coward | more than 5 years ago | (#28646503)

The idea of backup is to keep things as separate as possible. My current raid backup uses Samba and a password, granted this could be easily hacked with a keylogger to date I have not seen any Trojan in the wild with this ability.

Maybe... (0)

Anonymous Coward | more than 5 years ago | (#28646315)

Maybe they're just pissed about SC2.

It's already Friday in most time zones. (3, Interesting)

Animats (122034) | more than 5 years ago | (#28646325)

It's already Friday in most time zones. Is this happening?

Nah (5, Funny)

copponex (13876) | more than 5 years ago | (#28646351)

I'm still running a huge network of unpatched XP SP1 boxes and

Re:It's already Friday in most time zones. (1)

Auxis (1341693) | more than 5 years ago | (#28646363)

It doesn't seem to be happeAOIFJ($)FJ@()F#J@F)(J@2)(*@)^&#!)%!(#) &(#509382523)(#$*F****NO CARRIER****

Re:It's already Friday in most time zones. (1)

laejoh (648921) | more than 5 years ago | (#28646411)

Damn, you beat me to #@#ÃÃoÃ!!mskkd 0ÃÃÃ"@" ***NO CARRIER***

We both missed it. (4, Funny)

copponex (13876) | more than 5 years ago | (#28646413)

The correct joke would be:

Everything looks fine !@#-)@^Y^)$_*^*$&@) memory of the independence dayuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu

And then the lameness filter would ruin it anyway.

Soulja Boy Tellem Payload (0, Offtopic)

psicop (229507) | more than 5 years ago | (#28646347)

f(x)=u^U

Crank that.

Independence Day (5, Funny)

Dr. Eggman (932300) | more than 5 years ago | (#28646359)

I've been trying to figure out whose independence day it is referring to. Based on Wikipedia, it's not Korea's (North or South) China, Japan, the US, or Russia. Nearest I can figure for Friday, July 10th is... the Bahamas?

...Unless it means next Friday, July 17th which celebrates South Korea's Constitution Day; the day that the Korean Constitution was proclaimed in 1948. But, no, clearly it's the Bahamas.

Man (5, Funny)

copponex (13876) | more than 5 years ago | (#28646367)

You know you live in a fucked up country when you collectively hate the Bahamas.

Hats off, Kim Jong-Il. That's going to be a tough one to beat.

Re:Independence Day (5, Informative)

TapeCutter (624760) | more than 5 years ago | (#28646405)

The attacks started on the 4th July weekend.

Re:Independence Day (2, Informative)

ntufar (712060) | more than 5 years ago | (#28646553)

North Korean news agency (http://twitter.com/kcna_dprk [twitter.com] ) keeps celebrating 15th Anniversary of Demise of Kim Il Sung. Maybe it is this one.

uh what? (3, Insightful)

roc97007 (608802) | more than 5 years ago | (#28646361)

> From The Washington Post's Security Fix blog, the malware is 'designed to download a payload from a set of Web servers. Included in that payload is a Trojan horse program that overwrites the data on the hard drive with a message that reads "memory of the independence day," followed by as many "u" characters as it takes to write over every sector of every physical drive attached to the compromised system.'

Did the washington post writer get this wrong, or is this a misreported urban legend? The "trojan horse" part doesn't make any sense -- the computer is already compromised.

Re:uh what? (1)

Datamonstar (845886) | more than 5 years ago | (#28646501)

From what I understand - and that isn't much - the "trojans" are actually named as known Windows executables, so yeah... in a sense they are trojans.

To think (0, Troll)

ZeroSerenity (923363) | more than 5 years ago | (#28646371)

A Microsoft patch/tool made...I dunno, four+ years ago could have prevented all of this? You know, if people bothered to install it? Much like...Conflicker(? is this right?) the patch is readily availble before the damage really gets underway or done.

Security is not hard people...

Well... (4, Insightful)

TheSpoom (715771) | more than 5 years ago | (#28646377)

Sucks to be running Windows.

*gets back to work in gedit*

Re:Well... (0)

GF678 (1453005) | more than 5 years ago | (#28646509)

Sucks to be running Linux.

*gets back to work in Photoshop* ...

See? All operating systems have their disadvantages. Now stop being smug.

Re:Well... (1)

Shikaku (1129753) | more than 5 years ago | (#28646527)

Wine.

Re:Well... (1)

j-stroy (640921) | more than 5 years ago | (#28646663)

Since I'm reading this as I'm killing time, while I'm installing XP on a Macbook, in a "Parallels" virtual environment, I'm getting a kick out of this.

Making a fresh virtual image of OS X next. Then, which free linux flavour is fun these days? Does Gentoo still have a decent live CD? Apparently I can even install Windows 7, not sure why I would tho.

Re:Well... (1)

zooblethorpe (686757) | more than 5 years ago | (#28646677)

Do I have to?

Re:Well... (1)

GF678 (1453005) | more than 5 years ago | (#28646693)

Does CS4 run flawlessly in Wine? If anything breaks or requires workarounds, it's not worth it.

Re:Well... (0)

Anonymous Coward | more than 5 years ago | (#28646733)

Photoshop has enough trouble crashing without adding to the issues. If only The GIMP had a proper interface.

Re:Well... (0)

Anonymous Coward | more than 5 years ago | (#28646601)

Sucks to be you.

*Gets back to work with a paper and a pencil.*

Re:Well... (1)

Trouvist (958280) | more than 5 years ago | (#28646617)

Now you can stop being smug and read this:

It's for photoshop CS4 IN linux. Says "GOLD" to me.

This might be a good thing... (0, Redundant)

NervousNerd (1190935) | more than 5 years ago | (#28646383)

When the infected idiots wake up tomorrow and find that their hard drive was wiped, they'll go out and buy a new computer, and throw their old ones on the curb. And since I need some new parts for my machine...

happy ending (5, Insightful)

Errtu76 (776778) | more than 5 years ago | (#28646421)

I'm glad there's a happy ending to this story. Thousands of unpatched windows machines will cease to exist, hurray!

No SC players? (4, Funny)

Arivia (783328) | more than 5 years ago | (#28646441)

I'm surprised they aren't filling the storage with "kekekekekekekekekekekeke"...

Re:No SC players? (0)

Anonymous Coward | more than 5 years ago | (#28646587)

or worse yet... desu desu desu desu desu desu

Humbug! (0, Redundant)

ZarathustraDK (1291688) | more than 5 years ago | (#28646455)

I'm pretty sure I'm samemory of the independence day uuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu

I remember (0)

Anonymous Coward | more than 5 years ago | (#28646457)

back when we used to fill hard drives with pr0n. Or the word "beable" repeated over and over.

What is the source? (3, Insightful)

xenophrak (457095) | more than 5 years ago | (#28646487)

Over at Yahoo ( http://tech.yahoo.com/news/ap/20090710/ap_on_hi_te/as_skorea_cyber_attack [yahoo.com] ) they are reporting that there are only 86 IP addresses causing the outages:

"SEOUL, South Korea -
Cyber attacks that caused a wave of Web site outages in the U.S. and South Korea
used 86 IP addresses in 16 countries, South Korea's spy agency told lawmakers
Friday, amid suspicions North Korea was behind the effort."

Now, I'm a little skeptical that they didn't mean ISP instead of IP, but if it is true that there are only 86 hosts generating this much fanfare, then the network admins should be strung up with cat6 for not just blackholing these punks at the edge router. I guess we get the best govt. IT we can afford, right?

Re:What is the source? (1)

remus.cursaru (1423703) | more than 5 years ago | (#28646625)

86 IPs doesn't necessary mean 86 host, don't forget NAT/masquerading.

Re:What is the source? (1)

tokyoahead (743189) | more than 5 years ago | (#28646753)

If those WERE 86 IP's then it's definitely North Korea's work. Their IT personnel cannot handle more bots than that. They do not have enough IT folks among their slave laborers. And their "Windows ME Gulag" is still under construction.

Re:What is the source? (2, Informative)

garyisabusyguy (732330) | more than 5 years ago | (#28646763)

over at DarkReading [darkreading.com] they say: Earlier Wednesday, the National Intelligence Service said in a statement that 12,000 computers in South Korea and 8,000 computers overseas had been infected and used for the cyberattack. Seems a little more realistic for a national threat

WOW (1, Redundant)

someone1234 (830754) | more than 5 years ago | (#28646495)

Actually it does something useful.
This will teach all negligent users to actually defend against zombifying.
One of my colleagues says, he wouldn't care if his machine is a zombie as long as it doesn't slow the machine significantly.

Re:WOW (1)

greatica (1586137) | more than 5 years ago | (#28646805)

Great point. Nobody has problems with malware on their machines anymore. "Oh I only get a few pop ups." "Oh, there were 30 viruses on there last week but I cleaned them out." Then they fail to connect the dots and try to sue Paypal because somebody "hacked" their account.

The smartest move on Malware authors' parts were to make the malware invisible and never "harm" the PC.

Now erase a peasant's hard drive and throw some Michelangelo artwork in their face, and "OMFG I HAVE A VIRUS! I heard about these on TV!"

In a sick way, this is a win for the PC community as a whole. Erased hard drives stolen records & botnets.

Blood in the water (4, Interesting)

Pecisk (688001) | more than 5 years ago | (#28646533)

This will be ugly and exciting at once. First of all, I bet all mob supported worm writers will be fuming, because someone broke silent agreement that there should be no destructive viruses, otherwise people would start to actually care. And if people care => more correctly patched boxes => less posibility to own them => no profit at all.

Second, it will send very interesting message to people who have ignored subject of IT security so far. Imagine company with 100 computers suddenly standing on nothing but the air - no data, no OSes to work with, nothing. Third, I am afraid that some control maniacs (those who usually end with having an actual power to be maniacal) will use it as an excuse to impose more control on Internet. Of course, it will be laughted at by serious IT security specs, but those freaks will freak out and it will be interesting and frightening at same time.

Americans (-1, Troll)

Anonymous Coward | more than 5 years ago | (#28646557)

I suspected it when I saw the list of U.S. government sites that they hit, but now I'm sure. This is a U.S.-based attack by a right-wing group. The Korean angle is just stirring up shit, and cleverly taking advantage of S. Korea's ActiveX monoculture.

I'm sure that worse is to come, now that they have a proof-of-concept of an international-incident-producing device.

To all the anarchists, "Pirates" (not the kind you're thinking of, not people who disregard IP law, rather a self-styled "Pirate" group of web right-wingers), Teabaggers and Ron Paul Libertarians: Fuck you. Your advocacy is not appreciated. And fuck you for DDOSing our servers.

The truly fucked up thing is that anybody can do this for a couple of bucks a month. Ask any admin who's ever been naive enough to email the abuse contact. The scripted response from a New Delhi ISP? Get a warrant.

Shirts! (1, Offtopic)

binaryseraph (955557) | more than 5 years ago | (#28646609)

I'm making that a tee shirt.
"memory of the independence day, uuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu"

Must be N.Korea (0)

Anonymous Coward | more than 5 years ago | (#28646641)

Seriously, what other country would be likely to attack both the US and S.Korea?

I mean really. Most of the countries that hate one of those at least don't want to antagonize the other or don't give a shit about the other.

On the other hand, if we're all paranoids, it's one of those countries that publicly love both the US and S.Korea but secretly despise them.

I wonder... (1)

tokyoahead (743189) | more than 5 years ago | (#28646685)

...how many people are sitting at their breakfast table, reading this in the newspaper and laughing at the idiots who do not protect their systems properly while their own PC is right now happily writing u's over their downloaded porn.

If I was still in Tech Support (3, Insightful)

Opportunist (166417) | more than 5 years ago | (#28646781)

I'd be scrambling now to get that day off. Failing that, I'll find a doc that writes me a sick leave, if necessary for a bribe. Failing that I'd quit.

There is no way anyone in support will survive that day without a ringing in his ears.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?