Microsoft.com Is New Target for Network Worm "Double Whammy"
The MyDoom.O attacks on Google, Lycos, Altavista and Yahoo! may have been just the beginning, say experts.
Jul. 28, 2004 12:00 AM
According to the Finnish anti-virus firm F-Secure, yesterday's MyDoom.O (or MyDoom.M) attacks on Google, Yahoo!, Altavista, and Lycos are part of a double whammy involving a new worm called Zindos. And the target of Zindos appears to be the Microsoft.com Web site.
"Zindos and Mydoom.M work together," F-Secure reports this morning. "Mydoom.M laid out the path by infecting a large number of systems and preparing a list of them. Zindos hitches a ride on the Mydoom highway. It uses the lists and the backdoors, prepared by Mydoom.M, to quickly spread and hit its target, which is www.microsoft.com."
Zindos first arrives through the MyDoom.M backdoor, F-Secure explains. When uploaded to the victim, the worm file is dropped to the TEMP folder with a random name. The file is added to the registry as either of
"Tray" = "%TEMP%\<random_name>.exe"
"Tray" = "%TEMP%\<random_name>.exe"
To propagate itself, Zindos then uses the list of compromised computers collected by the MyDoom.M backdoor. The worm goes through the list and uploads itself with the corresponding command through the backdoor.
The so-called "payload" of Zindos is a Distributed Denial-of-Service routine that downloads http://www.microsoft.com/ in an infinite loop with 50ms delays. The AP notes, however, that experts do not at present believe such a DDoS attack will "significantly" disrupt the Redmond giant's site performance.
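A detection sketch for the payload described above, added here as an example and not code from F-Secure or the original article: it scans proxy log lines for a client that re-requests one URL at a fast, near-constant interval. The log format, the thresholds and the sample client addresses are assumptions constructed for illustration.

```python
import statistics
from collections import defaultdict

# Constructed sample proxy log: "<epoch_seconds> <client_ip> <method> <url>".
# Client 10.0.0.7 refetches the page about every 60 ms (a 50 ms sleep plus
# transfer time); 10.0.0.9 browses at human pace.
def build_sample_log():
    lines = [f"{1000.0 + i * 0.06:.3f} 10.0.0.7 GET http://www.microsoft.com/"
             for i in range(200)]
    lines += [f"{1000.0 + i * 7.5:.3f} 10.0.0.9 GET http://www.microsoft.com/"
              for i in range(5)]
    lines.append("1003.200 10.0.0.9 GET http://example.org/news")
    return lines

def parse(line):
    ts, client, method, url = line.split(maxsplit=3)
    return float(ts), client, method, url

def find_request_loops(lines, min_requests=100, max_median_gap=0.5, max_jitter=0.05):
    """Return {(client, url): median_gap_seconds} for clients that request the
    same URL at a fast, near-constant interval (a sleep-and-refetch loop)."""
    times = defaultdict(list)
    for line in lines:
        try:
            ts, client, method, url = parse(line)
        except ValueError:
            continue  # skip malformed lines rather than abort the scan
        if method == "GET":
            times[(client, url)].append(ts)
    hits = {}
    for key, stamps in times.items():
        if len(stamps) < min_requests:
            continue  # too few requests to call it a sustained loop
        stamps.sort()
        gaps = [b - a for a, b in zip(stamps, stamps[1:])]
        median = statistics.median(gaps)
        jitter = statistics.pstdev(gaps)  # human browsing has high jitter
        if median <= max_median_gap and jitter <= max_jitter:
            hits[key] = round(median, 3)
    return hits

if __name__ == "__main__":
    for (client, url), gap in find_request_loops(build_sample_log()).items():
        print(f"{client} requests {url} every ~{gap}s")
```

Because each gap includes the download time as well as the 50 ms sleep, the thresholds bound the median gap and its jitter instead of matching 50 ms exactly.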
Reader Feedback
chrojin commented on 28 Jul 2004
well... how about this take? if you don't like microsoft, then simply help the worm spread. knowingly disable protection and then install on as many machines as possible. you can even get the people that trust your email address, further easily spreading it. if you know exactly what the worm does, and don't mind a little bandwidth being used - knowing you can clean the system (if it is yours) - is that still considered illegal?
commented on 28 Jul 2004
I really am sick of viruses.
Being an IT professional, I get on average 1 request per week to remove viruses / spyware / browser hijacks etc from people's computers.
Recently I started turning them down, but offer to install Linux on their computer instead of trying to fix their Windows installation.
If I were writing a worm, however, I'd take a different approach. I'd make it spread quietly, and then destroy the Windows install completely 1 day after infection. The whole freakin' lot. People who get viruses are asking for it. If you put your computer on the internet, you have a responsibility to do the right thing by everyone else. If you stick your head in the sand and click on all the 'click here' and 'free hardcore XXX' links, then come bitching to me when the whole thing comes crumbling to the ground then you really only have yourself to blame.
ALL computer users should take reasonable steps to keep their computers secure. ALL computer users who don't take these steps should have their hard disks wiped clean.
Once a few viruses start doing this, people will get the hint and keep their systems secure.
hdparm commented on 28 Jul 2004
Whoever tries to muck around other people's computers should be prosecuted and punished.
ubf6RT commented on 28 Jul 2004
Since it is known as both MyDoom.M and MyDoom.O, and since Microsoft appears to be one target (M)... can we expect the next target to be Oracle (O)? Or is it just coincidence?