Technology Gadgets Food Toys Fun and Games

Link: http://it.slashdot.org/story/09/07/10/0452256/Korean-DDoS-Bots-To-Self-Destruct

Oh boy,

Several news sources are reporting that the tens of thousands of Microsoft Windows systems infected with the Mydoom worm and being used in an ongoing denial of service attack against US and S. Korean government Web sites will likely have their hard drives wiped of data come Friday.

Well, one good thing - all those infected machines will be really really easy to identify ...

Get your Windows Cd ready for reinstall.....

Link: http://www.appleinsider.com/articles/09/06/11/microsoft_announces_free_anti_virus_service_for_windows.html

You're gonna love this - whats worse than Windows Defender ? No, sadly it's not a joke. I mean I've seen countless malware apps slip right past that wonder of a useless software package... not to mention the hassle of installing it... oh sure - please verify your Windows copy is legit 14 times and all..

No, this new offering is cloud based - so all your traffic goes through Microsoft's servers to be sterilized.

Aha, I'm sure no bad will come of that. - What's the data retention policy? Will that search for Win XP key codes go through? I figure no serious user will have anything to do with this one.

The other question is - will it be a good tool to protect the clueless noobs? IMHO not if it's anywhere near as lax as Defender.

Link: http://news.zdnet.com/2100-9595_22-292858.html

You do remember the Conficker virus right? Well, it hasn't gone away. All those folks that have infected systems are now sending spam out unknowingly.

According to a report by Xinhua News Agency, Conficker-infected machines are now being turned into servers for e-mail spam. Quoting Vincent Weafer, vice president of Symantec Security Response, Xinhua reported Conficker now installs a second virus--Waledac--that sends out e-mail spam without the computer owner's knowledge.

I figure we will all start seeing an increase on the already overwhelming volume of spam.

Link: http://news.cnet.com/8301-1009_3-10218363-83.html

Security experts say be careful who you follow on Twitter, after worm attacks leave some users with infected profiles- worm infected "tens of thousands of users".

Yep, here we go again - all so you can find out that Joe Schmo is still having regular bowel movements and all.....

Link: http://news.cnet.com/8301-1009_3-10217386-83.html

Ok, the plot thins... so far Confickers turned out to be a very elaborate scheme to make money....

If your PC has - Spyware Protect 2009 and is displaying warning messages saying that the computer is infected and offering to clean it up for $49.95

You've been had once - if you go and spend for this crapware you'll have been had twice ...

Tho I have nothing against you if you call me to fix your problems, as long as you have a few hundred.95

The nefarious conficker worm just woke up and started downloading - Firstly the conficker variant got updated and got some new functions.

This from SANS

Various sources report that some conficker infected systems are receiving updates now. The update may include a keylogger and other code to exfiltrate data. We will keep this diary updates as we hear more. The update is delivered using the P2P mechanism

Word on the street is that the new payload it's taking after that is a rootkit. - which makes prefect sense - you can clean up the conficker worm... cleaning the rootkit is an entirely different matter.

If it is a rootkit conficker will be doing what most of us thought it would all along - harvest bank accounts, credit cards, personal data -

someone stands to make a lot of money off of it. Weather they sell the data or use it themselves.

If you still are unsure if you are infected there is a simple test

if you fail this test you could try one of the many removal tools

But be aware - if you aren't sure what you're doing or aren't particularly technically savvy.... get you a tech.