lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <freemail.20050208125622.3760@fm4.freemail.hu>
From: etomcat at freemail.hu (Feher Tamas)
Subject: Re: The end is nigh: first true MMS mobile worm
	in the wild

Hello,

There are two alternative definitons for a computer worm:

A., A malicious piece of code that replicates between
systems by creating new objects on the system to be
infected, as opposed to embedding itself in already existing
objects (a virus does this).

B., A worm is something that spreads between infected
systems over the network, either directly (e.g. SQL-worm) or
by way of a higher protocol (e. g. SMTP e-mail worm). In
contrast a virus spreads between objects, via physical data
storage media when jumping from one machine to another.

IT security pros overwhelmingly use def. A, the public
better understands def. B.

The fact that human action (e.g. double click on
BGK-ffn-ad-for-Starbucks.exe mail attachment) is needed to
infect, does not ban a piece of malware from being a worm. A
lot of SMTP worms depend on dumb user to infect and spread.

A mail that does not have malicious machine code, but relies
on human readable plain text code and social engineering
tricks to spread is usally called a hoax or an "albanian virus".

There are worm-viruses. For example Magistr.B, the assembly
masterpiece from autumn 2001 was a worm-virus. It spread in
e-mails and over SMB LAN shares. It could also infect inside
files on the system and did encoding to destroy data. It was
damn hard to disinfect because of this.

I think the nature of Symbian.Commwarrior is not exactly
clear yet. But by considering the popularity of triple-cross
and pr0n content on the Net, a pink-factor driven MMS mobile
malware should have a bright future. People click when they
can't f*ck. Sex sells, as the saying goes.

I does make sense to run for the hills, because GSM signal
strenght is weak or zero there so you won't become infected.

Sincerely: Tamas Feher.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ