‘Zombie’ army ready for attack
p2pnet.net News:- A co-ordinated malware attack involving the Glieder, Fantibag and Mitglieder trojans and designed to establish a huge botnet under hacker control is being predicted by Computer Associates.
“CA reckons that access to the compromised PCs is for sale on a black market, at prices as low as five cents per PC,” says The Register, going on:
“CA security researchers reckon the three items of malware have been combined to maximise the potency of the overall assault.”
The post says the three prongs include:
Glieder-AK: the “infantry element” of the malware attack infects systems, open up backdoors that exploited by the follow-on Trojans. On 1 June, 2005, eight new Glieder variants appeared in rapid succession and quickly spread. “The apparent objective is to get to as many victims as fast as possible with a lightweight piece of malware,” CA said.
The Fantibag Trojan further disables the security features of compromised systems. It exploits networking features of target systems to prevent those systems from being able to communicate with anti-virus firms or with Microsoft’s Windows update site, so isolating infected systems.
The Mitglieder Trojan opens a backdoor on a compromised system, leaving them under the control of hackers.
“The co-ordination between the Glieders and Fantibag Trojans can have a potentially devastating effect on desktop systems,” Simon Perry, CA’s vp of security strategy, EMEA, is quoted as saying. “This phenomenon is indicative of how malware is becoming increasingly sophisticated and more directly linked to criminal endeavours.”.
Something you think we should know? tips[at]p2pnet.net
See:-
The Register – Hackers plot to create massive botnet, June 3, 2005
June 4th, 2005 at 9:01 pm
I predict we will see more and more articles like this. Building up the panic (OMG the crimainals and terrorists are after my computer). Next the media will start pushing the solution is the secure computing aka hardware DRM. And in the end hollywood gets what they want. Which is to able to control what you see and do on your own computer.
Well, from all the coverage p2p has received it is abundantly clear the cartels (aka hollywood) do control the media.
And it all started with M$ leaving their system open to attacks, and people not knowing how to protect themselves from attacks.
June 5th, 2005 at 4:55 am
I don’t see how people could be so stupid anyway to allow that sh** on their machines in the first place. I mean no antispyware, antivirus, and no firewall. I guess the people just get the pc and plug it into eithernet and think that is it.
June 5th, 2005 at 6:50 am
Depending on who they are attacking, I might let it on my system. It seems disruption is the only voice left for the common man
June 6th, 2005 at 10:34 am
A very astute observation. CA is a prodigy of the M$ way of doing things – “… promise them anything until they’re hooked, then gouge the hell out of them.” I know whereof I speak:
In February, 2005, responding to a solicitation which promised one full year (12 MONTHS) of free virus protection software from CA, I decided to give it a try — at that particular time, my poor HP Pavilion simply could not weather the blizzard of pop-ups, viruses, spyware, and malware which had beset us in recent months. I figured I might as well give the CA offer a try, just to see if it worked well enough to buy NEXT year.
In early May, 2005, I received this email notice from CA (I copied it directly from my “Saved email” file — no editing:)
>>>>>>>>>>>>>>>
>Dear eTrust™ EZ Armor™ LE Customer:
>
>Computer Associates International, Inc. (CA) is constantly
>striving to improve our software and services to best meet your
>needs. As we work to develop superior functionality and
>embrace advanced technology, it is sometimes necessary to
>discontinue support of some of our older product releases in
>order to focus development efforts on new releases.
>
>Therefore, effective August 15, 2005, we will be discontinuing
>support for:
>
>eTrust™ EZ Armor™ LE version 2.1.
>
>Rest assured that we will continue to support your product until
>your free trial is complete. As well, if you renew or upgrade
>your subscription, you will be given a FREE upgrade to our
>latest version, which is fully supported.
>
>Upgrade Now:
>
>You may prefer to upgrade your trial to the latest full version
>now. The latest full version includes fixes to known issues,
>additional functionality, and full support for Windows XP Service
>Pack 2.
>
>To renew your subscription now and upgrade to a full featured
>product, click here.
>
>If you have ALREADY renewed, but did NOT upgrade your
>software at that time, then click here to get your FREE upgrade.
>
>Click here to get upgrade instructions.
>
>Thank you for your continued support of Computer Associates.
>>>>>>>>>>>
Please note how quickly they offered to provide an update for a fee. I have long suspected that most of the perpertrators of viruses, spyware, trojan horses, etc. etc. are the software companies which supply (for healthy fees) the necessary remedies.
One other quick note: One day I was reading in the paper where Mr. Gates had pledged the mighty resources of his megalith to help combat excessive junk mail. That very evening, while idly surfing the Internet, I ran across an ad from MS which offered a course to help start-up businesses in mass marketing on the Web; among other things, the course would tell and show how to create massive email lists — etc.
No B.S!! I now wish I had used my Acrobat Distiller to print the page for posterty.
Software giants make money the old-fashioned way — they buy and sell politicians and “public servants”.
June 6th, 2005 at 3:35 pm
I agree totally. That is why it is so important to get off the cartel’s product and use community-developed products that are free to use and free to modify. As long as people depend on paid software with no access to the source code, they will be at the mercy of those who write the code. That is why I prefer Linux ot Microsoft any day. I don’t have to deal with pop-ups, viruses, spyware, and other such annoyances. Even when such things do occure, all I have to do is add some lame hack that changes slightly how programs are run and the problem is resolved.
Look at the webbrowser called Konqueror. It does not give extra privileges to applets that have puchased trust from a certificate authority. The user has to tell Konqueror to trust the application and specify exactly what permissions the applet gets. This is in start contrast to Microsoft based solution where OCX and other scripts are run automatically simply because they are “signed” and certified by a “Trusted Authority”.
When buying software from a company, remember that the highest calling of that company is usually to make money. The software is designed with that goal in mind. However, when a hobbyist or a free software group writes a program, it is usually for the goal of accomplishing a task. In many cases, it is also to show off the skills of the programmer. The programmer who writes insecure code most of the time will not have a good reputation. I find that the work of a very active open source poject to be superior than that of a commercial developement business.