Increasingly, malware authors target rivals to keep compromised systems completely under their control.
In one interesting case, reported by The Register, an author of the TDL 3 rootkit decided to make some extra cash by selling the source code of the rootkit. The Russian developer sold the source of one version of the rootkit, while keeping another.
From the rootkit source sale, another ...
Someone told me once that there's a right and wrong, and that punishment would come to those
who dare to cross the line.
But it must not be true for jerk-offs like you.
Maybe it takes longer to catch a total asshole.
Maybe I have become callous, in that it is common for computers to be attacked with root kits or some other even more insidious method of attack. I say insidious because there is a wide array of root-kit detectors, while some bot nets use new, nearly undetectable methods. I now have a spare C: squeaky clean, loaded with a dozen or so malware detectors that I can use when I suspect foul play but nothing turns up in scans. Because these attacks are "business as usual", I browse from a sandboxed browser so any virus attack will be contained inside the sandbox. If I suspect foul play the sandbox is deleted. Those Spanish guys that ran a 6 figure bot net had no technical expertise. They just picked up what they needed on several hacker sites and used the tools very effectively.
AD put out an article stating about 80% of the new malware can download files of its choosing. I think you are a bit naïve thinking computing is much safer than it really is.
Originally posted by Mez: I think you are a bit naïve thinking computing is much safer than it really is.
I never said anything of the like. I can't think of a good analogy for you, but you have a rootkit author selling the source code of one to another rootkit/malware 'company'! This isn't good for anyone.
And yes, I do care 'who has control of my computer'....me! I don't want any of this ish on my computer. But as you pointed out, I may not have a choice. But I have had no problems thus far.
I think you need to go back and reread the article. I think you got confused along the way.
Someone told me once that there's a right and wrong, and that punishment would come to those
who dare to cross the line.
But it must not be true for jerk-offs like you.
Maybe it takes longer to catch a total asshole.
If you were paying attention to all the scary articles published over the last year or 2, this wouldn't add any new danger to anything.
I understood the article, and what I said was there was at least one AD article that I remember where non-programmers can cobble together a bot net from hacker web sites and command a bot net of hundreds of thousands of computers. That to me was much, much scarier than this. At least with the root kit sales the person using the root kit must be a programmer. It is kind of like being overwhelmed that you can buy throwing knives, which require skill to use, but not being upset that you can buy a gun or hand grenade, which require little skill to use, on the street.
I never said you don't care who has control of your computer. You do have a choice. I suspect you do not frequent sites that are problems. My kids must go to the wrong places. I suspect Facebook might be one. Maybe it was kiddy game sites. I do know the home computer was getting several viruses a week with McAfee running. My daughter hogs the computer and spends most of her time on Facebook. I have a 12 yr old that still goes on kiddy sites. That is a great place to infect. Kids have no fear or sense. I also have a 21 yr old so who knows who was getting the computer infected.
As a tip, install Sandboxie and browse under it. It is a free utility. I blow away the sandbox every week or so on the family computer. Scans after the delete are clean. I use several different scanners that may be better than McAfee. 2 will detect root kits. These have to be done manually, so it is a pain, and many require rebooting. I now scan less than once a month because I think the routine is safe.
Because of the sandboxing effect, rootkits probably do not work. The root kits probably load themselves into where updates go and are applied at start up. The effect puts them into the wrong place so they do not get executed when they need to. They get executed when Sandboxie starts up and you would need permission to even try to execute the package. Even if you OK the update (stupid!) the root kit missed its window of opportunity, your OS is already loaded.