new comp Virus

[YT2095]

The Blaster Virus is due to be triggered tomorow morning to attack Micro$oft on 16/8/03 Saturday.

It will also slow down the net and create all the typical virus symptoms on Home computers as well.

 

DO NOT download the patch on the MS site, it will get in that way!

a Google search for "Blaster Virus" will tell you more than I can.

[blike]

Yea, I got completely owned by it earlier this week

[Sayonara]

Actually, the net will be faster tomorrow than it has been for a long, long time. If you want to be able to capitalise on that, do get the patch.

 

Being owned is what you get for not keeping Windows up-to-date, and not keeping an eye on the IT security press

 

Go MSblast! Funniest and most productive worm for months. I will explain later - gotta catch the bus home in a few minutes.

[fafalone]

Damn it's supposed to attack M$? I've gotta reinstall it quick!

[Sayonara]

Right- I'm not (a) at work or (b) drunk now, so...

 

The RPC protocol vulnerability was first identified in June and it is a really big deal, because of the scope for potential attacks. Businesses have been patching and preparing since then precisely because it was known that worms such as MSblast would start appearing.

 

However, home users are notorious for not knowing what windows update is, much less using it, and for not using AV or a firewall.

 

MSblast was therefore designed to scan for Windows installations running the RPC protocol without the patch. Because this protocol enables NT systems to move information between ports (a bit like FTP) MSblast is able to copy itself to the target PC in a matter of seconds, and then of course it starts scanning again for new targets.

 

The payload MSblast carries is only designed to launch a DDoS attack on the windows update servers. An unexpected side-effect was the periodic shut-downs on XP machines, due to MSblast accidentally interfering with the RPC process. The only reason this shuts down the machine is due to XP being stupid.

 

So the net effect today is that a lot of infected people will be unable to use their computers, and in theory nobody can update because the update site will be down or busy (although i see it's running fine at the minute).

 

Ho ho ho.

 

If you have been infected, and got rid of the worm, you must apply the M$ patch to stay free of similar problems in the future. There WILL be other worms that attack RPC vulnerabilities.

[YT2095]

well as far I know now, it was mostly contained before it did what it was supposed to anyway. I personaly didn`t notice any difference myself, Symantec(sp) the guys who make ZoneAlarm I think it is, have the patch on their site bug free IF anyone is worried about it anyway

All should be OK now anyway, sorry if it was a false alarm to anyone, but it could have swung either way!

 

All the best

[fafalone]

I used services.msc to make it so the computer doesn't shut down when the RPC crashes, so now I'll reinstall MSBlast and let it attack MS

[atinymonkey]

The guys put the wrong web address in the worm, so it didn't get to attack effectivly. Idiots.

 

http://news.bbc.co.uk/1/hi/technology/3154117.stm

[blike]

he's in jail now

[YT2095]

He`ll be another one they make an example of, according to the news here, it only hit 7000 PCs and not the 200,000 + that they originaly stated.

oh well... pays yer money, Takes yer chance I guess!

[Dudde]

HA! hahaha

that's too dang funny

 

knew the guy was caught, didn't think he'd put the wrong address in the thing though

wasn't he some kid from seattle or something? I dunno..can't remember..communist..

[james123]

lol

[Guest fazeeee]

what up with all the uk people

[Sayonara]

Huh?

[YT2095]

yeah, what he said, Huh?

[Dudde]

I would love to support that argument, but I, too, must merely reply with

 

huh?

 

on second thought, with the "huh" intact, I second fazeeee's question too

[YT2095]

to which I in turn respond with `doudle HUH?`

 

and hereafter await Sayanora to reply with " Yeah, what he said"

 

erm.... is this thread actualy GOING anywhere? LOL

[Dudde]

I'll counter that doudle with "what the freak is doudle?"

 

and ban fazeeee, so I can steal his argument

 

of course this is going somewhere. UK people are everywhere

[Sayonara]

Whut?