| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: steve.wray at paradise.net.nz (Steve Wray)
Subject: MyDoom download info
> [mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of
> Paul Schmehl
>
> --On Saturday, January 31, 2004 12:25 PM -0500
> Valdis.Kletnieks@...edu
> wrote:
>
> > On Sat, 31 Jan 2004 12:03:37 +1300, Steve Wray
> > <steve.wray@...adise.net.nz> said:
> >
> > What worries me is we haven't seen *either* an actual damaging virus
> > (imagine if the last 2 lines of Mydoom were "sleep(4hours);
> > exec("format c:);") or a "sleeper" virus.
>
> This doesn't worry me much at all. Since virus writing has
> been taken over by the scammers, spammers, criminals and thieves, the
last
Paul, your quoting is a bit off there (makes it look as if I wrote
that),
but to address the points, as one person wrote, its difficult to spread
fast when you are trying to be stealthy; I would argue that if one is
stealthy enough, one doesn't need to spread fast since one is trying to
evade detection rather than evading elimination.
If a virus could spread slowly but stealthily, it could be all over
the planet and activated before any antivirus vendor became aware
of its presence and came out with a fix; it wouldn't matter much
if it took a year of quiet spreading.
Sometimes (and here I go sounding paranoid again) it seems that the
viruses and worms we see are nothing but a smokescreen; they are
SO VERY obvious.
so-called 'script kiddies' and the old school vxers wanted a quick hit
of adrenalin. Organised crime syndicates are a lot more patient.
Powered by blists - more mailing lists