lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
From: ww at STYX.ORG (ww@...X.ORG) Subject: DCOM/RPC story (Analogy) On Sun, Aug 31, 2003 at 12:19:35PM -0700, Steven Fruchter wrote: > That is completely moronic to act as if he did not do anything but just > hex edit the code and change the name for example on the .exe . He also > like a moron had the infected drones contact his website (which he is > registered to) so that he can see who has been infected to control them. > This means that he had more than just wanting to change the name of an > .exe for example, it shows his intent. I was not aware of this. Yes, it changes the scenario somewhat: it mitigates the amount of "damage" of that could be caused by the worm if he had just changed some text strings. Consider: all drones controlled by a single entity or drones controlled by multiple uncoordinated entities. Which has the greatest potential for, say, a coordinated DDOS attack? Of course distrupting the worm's control mechanism probably wasn't his intent. So maybe he's a bit misguided but mostly harmless. > Regardless of what he did or didn't do, he will > probably get the blame of the entire thing Trial by media anyone?
Powered by blists - more mailing lists