New TDSS rootkit infects 4.5 million PCs in 3 months, targets rival malware
The following comments relate to this news article:
article published on 30 June, 2011
TDL-4 rootkit is another major upgrade to notorious TDSS family.
The TDSS rootkit family (also known as Alureon or TDL) is something of an admired worst enemy of security researchers and vendors of anti-virus products. They hide deep in the Windows operating system, using and manipulating low-level instructions to avoid detection by anti-virus suites, and using encryption to protect their ... [ read the full article ]
Member
30. June 2011 @ 01:39
Y'all are dumb, y'all are so dumb.
Member
30. June 2011 @ 01:40
Unless it uses only the most frequently used commands, not the ones just sitting there to be exploited, it'll still get to my computer and just sit there unable to do anything.
AfterDawn Addict
1 product review
30. June 2011 @ 05:44
Don't you love Windows? It blocks me from installing drivers, and lets non-user processes do whatever they like.
Then again, this does clean more viruses than any of the M$ security suites...maybe they want it.
Senior Member
30. June 2011 @ 11:32
That's pretty intense. I guess at that point you just have to reinstall.
Staff Member
30. June 2011 @ 11:51
Originally posted by KillerBug: Don't you love Windows? It blocks me from installing drivers, and lets non-user processes do whatever they like.
Then again, this does clean more viruses than any of the M$ security suites...maybe they want it.
These rootkits are installed by users with administrative privileges who are duped into installing them. Take a look at MacDefender, it did exactly the same thing. The big difference is that the investment dollars for black hat software production aren't geared toward non-Windows systems. Not because Windows is less secure, but because it has more non-tech-savvy users and it dominates the PC market. If the same millions upon millions of dollars targeted Linux or Mac, you'd see the same results.
Jeffrey_P
Senior Member
30. June 2011 @ 12:02
How do y'all get viruses?
If you don't visit suspect porn sites and update def files once a day, there should really be almost zero problems. You are your own worst enemy.
KB, Win7 has never stopped me from installing drivers, nor have I had an access problem.
Again, most of the problems are the user's fault. Not saying it's you. Maybe you are running the Virus Vista on your computer?
Jeff
hearme0
Senior Member
30. June 2011 @ 12:07
Loser virus-writing a**holes! Wastes of life and nothing but a drain on society.........just like rampant pirates that NEVER give ANYTHING back.
Dardandec
Junior Member
1 product review
30. June 2011 @ 14:05
Originally posted by Jeffrey_P: How do y'all get viruses?
If you don't visit suspect porn sites and update def files once a day, there should really be almost zero problems. You are your own worst enemy.
KB, Win7 has never stopped me from installing drivers, nor have I had an access problem.
Again, most of the problems are the user's fault. Not saying it's you. Maybe you are running the Virus Vista on your computer?
Jeff
Well said, JP.
Member
30. June 2011 @ 18:40
Jeffrey_P: If there is a security hole in the OS that can be used to gain administrative privileges via a random port, and you are connected directly to the network with a public IP address, or NATed behind an also vulnerable firewall with open ports, you can be infected with malware that comes out today exploiting that hole. Or, even better, you get an e-mail which exploits an Outlook flaw, even if you don't open any attachment.
So, let's say you notice it tomorrow, and you submit it immediately to your AV vendor; they create a vaccine in another 24 hours. Your internet neighbourhood, even if using your choice of AV and updating defs once a day just like yourself, has been exposed for over three days, even if they didn't download any porn. It's not that simple. I tell you, and I'm a PARANOID administrator who once caught a pretty bad nobodykit on an up-to-date Debian server; it had settled there by exploiting a flaw in Exim4. Not kidding. Cleaning it was really painful; it took me a whole afternoon, and, I insist, I'm a Linux admin with many years of experience.
The thing is, of course, that they are all a bunch of motherf*ckers who could use their knowledge for something useful, but, I must say it again, shame on humans. :(
"You know, it seems that quotes on the internet are becoming less and less reliable." -Abraham Lincoln.
This message has been edited since posting. Last time this message was edited on 30. June 2011 @ 18:45
Jeffrey_P
Senior Member
30. June 2011 @ 19:06
Originally posted by dali: Jeffrey_P: If there is a security hole in the OS that can be used to gain administrative privileges via a random port, and you are connected directly to the network with a public IP address, or NATed behind an also vulnerable firewall with open ports, you can be infected with malware that comes out today exploiting that hole. Or, even better, you get an e-mail which exploits an Outlook flaw, even if you don't open any attachment.
So, let's say you notice it tomorrow, and you submit it immediately to your AV vendor; they create a vaccine in another 24 hours. Your internet neighbourhood, even if using your choice of AV and updating defs once a day just like yourself, has been exposed for over three days, even if they didn't download any porn. It's not that simple. I tell you, and I'm a PARANOID administrator who once caught a pretty bad nobodykit on an up-to-date Debian server; it had settled there by exploiting a flaw in Exim4. Not kidding. Cleaning it was really painful; it took me a whole afternoon, and, I insist, I'm a Linux admin with many years of experience.
The thing is, of course, that they are all a bunch of motherf*ckers who could use their knowledge for something useful, but, I must say it again, shame on humans. :(
Thanks for info on privileges.
I don't use Outlook in favor of Thunderbird.
Truth is, I don't use M$ for anything except the OS and OS updates, which seem to show up every Thursday.
That's what we get for an OS with the highest user base. Something Mac owners are now finding out because of Apple's market share.
I run Puppy Linux a lot of the time. Finally a Linux OS that Joe Sixpack can use.
Hell, I remember using Unix. Old as dirt by today's standard.
Also I run auto racing games under Windows. I'm not sure that Wine will run them but it's not worth the time trying to do a setup.
Jeff
Cars, Guitars & Radiation.
This message has been edited since posting. Last time this message was edited on 30. June 2011 @ 21:27
Senior Member
2 product reviews
30. June 2011 @ 19:52
Originally posted by hearme0: Loser virus-writing a**holes! Wastes of life and nothing but a drain on society.........just like rampant pirates that NEVER give ANYTHING back.
Usually, people who write viruses this complex are in it for the (large sums of) money. While the writers can and occasionally do get caught, most of the time security researchers (etc.) just try to take down the C&C centers the bot uses.
As for this new virus/rootkit, by using a P2P network for its communications the virus writers have made this virus that much harder to shut down.
"The only people who should buy Monster cable are people who light cigars with Benjamins." - Gizmodo
Jeffrey_P
Senior Member
30. June 2011 @ 21:45
Do you mean DOS? Except for a very few games they will not run.
Besides all the hoopla you have to go through with all the condoms Game distributors use... Just not worth it.
The Amiga was a different story. The OS had a GUI + a CLI (command-line interface).
Perfect hacker's machine.
I have to admit my buddies would trade software when 9600 baud modems ruled.
I regret doing it, and it probably was one of the death knells for the Amiga. Unlike today, where $$$$$ are made.
Jeff
Cars, Guitars & Radiation.
This message has been edited since posting. Last time this message was edited on 30. June 2011 @ 21:54
Member
1. July 2011 @ 10:07
Originally posted by Jeffrey_P: Do you mean DOS? Except for a very few games they will not run.
Besides all the hoopla you have to go through with all the condoms Game distributors use... Just not worth it.
The Amiga was a different story. The OS had a GUI + a CLI (command-line interface).
Perfect hacker's machine.
I have to admit my buddies would trade software when 9600 baud modems ruled.
I regret doing it, and it probably was one of the death knells for the Amiga. Unlike today, where $$$$$ are made.
Jeff
The Amiga isn't quite dead yet; development is still ongoing. I still have my A1200 in my studio :) Can't beat a bit of 8/14-bit emulated vocals :)
This message has been edited since posting. Last time this message was edited on 1. July 2011 @ 10:09
Jeffrey_P
Senior Member
1. July 2011 @ 10:22
Almost forgot about the 1200. Had one of those also.
The main reason I had to go PC is because developers jumped ship. Can you blame them? A bud from SLAC wrote communication software. It is a published document that can still be found on the SLAC/pub website. He dumped the Amiga and started work on BeOS apps ;) He was the largest proponent of the Amiga you could ever meet.
No software, no customers.
I use a TASCAM 2488 for recording.
Jeff
Cars, Guitars & Radiation.
This message has been edited since posting. Last time this message was edited on 1. July 2011 @ 10:26
ToadWiz
Junior Member
1. July 2011 @ 11:55
There's no justice; there's just us.
Member
1. July 2011 @ 12:05
I do most of mine computer-based now with control surfaces; I still have a Roland VS880 tucked away as well as old TASCAM 4-tracks :))
Ah, for the simplicity of the old OctaMED; SoundStudio on PC is OK but hasn't got the feel.
Jeffrey_P
Senior Member
1. July 2011 @ 12:09
Originally posted by ToadWiz: Originally posted by Jeffrey_P: How do y'all get viruses?
If you don't visit suspect porn sites and update def files once a day, there should really be almost zero problems. You are your own worst enemy.
Jeff
I think you ought to look at this article: http://www.eweek.com/c/a/Security/11-Internet-Security-Myths-That-Delude-Computer-Users-114208/?kc=EWKNLNAV06292011STR1
Fact: Most malware comes from rogue "normal looking" websites or compromised legitimate sites.
Your viewpoint is the common misconception, not that I recommend surfing porn sites.
Are you stalking me?
Did you read my post or just pinpoint what raises your interest?
You are preaching to the choir.
Jeff
Cars, Guitars & Radiation.
This message has been edited since posting. Last time this message was edited on 1. July 2011 @ 12:12
ToadWiz
Junior Member
1. July 2011 @ 13:04
Trust me, you aren't important enough to stalk. I am just aware of the MISCONCEPTION that adult web sites are the major distributor of infections, and it doesn't serve the community to confirm that myth.
There's no justice; there's just us.
Jeffrey_P
Senior Member
1. July 2011 @ 13:32
What's with the nic? Do you have warts?
Jeff
ToadWiz
Junior Member
1. July 2011 @ 13:38
Toad was my nic from school ... more than 40 years ago. Unfortunately, someone beat me to it, so I had to mod it a bit. No warts.
There's no justice; there's just us.
Jeffrey_P
Senior Member
1. July 2011 @ 13:48
OK man, understood.
Are you Hammer Head?
Jeff
Senior Member
2. July 2011 @ 02:25
I have seen many of my friends and neighbors get infections who never visit porn sites, and most porn sites that are huge money makers, believe it or not, do a pretty good job of policing themselves; they are not stupid.
Sure, you will get adware and spyware and all kinds of bloated crap from them, but viruses? Not that often, actually rare.
Newbie
2. July 2011 @ 08:03
So, I have Kaspersky installed, and consider myself knowledgeable, but with this article I fail to see the point? It just puts the frighteners up you for no apparent reason, with no apparent remedy. I also cannot believe that this type of virus just downloads and installs itself without me knowing. Enlighten me on this one, as I have a well old Dell with 500MB RAM and a 40GB hard drive and the original graphics card. In other words, you can't get slower than this, so I would notice an extra Spider game being run, let alone a malicious virus being fitted.
heinekabimbam
ToadWiz
Junior Member
2. July 2011 @ 09:15
Originally posted by Jeffrey_P: OK man, understood.
Are you Hammer Head?
Jeff
Is this some kind of insult? I don't know what or who Hammer Head is.
There's no justice; there's just us.
Jeffrey_P
Senior Member
2. July 2011 @ 09:24
No there is another thread where I insulted you. You do know how to use the search function do you not?
Newbie eh?
Shit disturber sums it up better.