Okay, it’s time to look in my crystal ball: I foresee that within the next month there will be a wave of virulent new malware (virus or worm) that targets one of the five vulnerabilities that Microsoft released last week. The malware will affect the legions of servers and workstations that have not been updated with the latest patches and affect thousands, if not millions, of systems worldwide. My vote is for MS03-037, a flaw in Visual Basic for Applications (VBA), but one of the other Microsoft Office application flaws may be the first victim.
I know that this isn’t going out on a limb on my part. I’m really getting sick of the ‘Windows Vulnerability of the Week’ game. And five vulnerabilities in one day was a little excessive.
I have to give the FBI some kudos for catching up to the writer of the MBlaster.b worm, but in all fairness, it wasn’t really all that hard of a catch. The script kiddie idiot who wrote the worm actually set it up to call home … his home! All the FBI had to do was a little research to find out where the computer the worm was calling back to was. Not a really difficult task in the scheme of things.
In case you don’t know what a script kiddie is, it’s someone who has no real, high-level, technical skills. Usually they use tools created by a true hacker, or in the case of this guy, take an existing tool (worm) and modify it slightly for their own use. In the case of ‘teekid’, he modified the worm to meet his needs without really understanding what the phone home option would mean to his future. Can you say ‘prison time’?
But that isn’t what really annoys me. It is the media portrayal of the events that gets to me. I understand that the real technical details of the worm, how the FBI caught up with the hacker and similar issues are beyond the ken of most readers, but I would like it a lot more if they made it clear that teekid is not the writer of the original worm. All the FBI did was catch a clumsy copycat, not the hacker who originally created the worm. The hacker is still out there, and since the trail went cold in South Korea, he will probably be out there for quite some time.
Teekid, or Jeffery Lee Parsons, is really a small fish in the hacking pond. To give you an analogy, this would be like the police catching the guy on the corner of the street offering joints and saying they had captured a major drug lord. Or in this case, the media saying it. But I guess the truth is that sensationalism sells. Saying ‘Copycat Script Kiddie Caught’ doesn’t sound nearly as impressive as ‘Worm Writer Captured!’
Reading the headlines and write-up of a story that I’m familiar with really makes me question the stories where the media view is the only information I have. Not that this is a big change, since I tend to question information, no matter what the source. I hope I’m never in a news item, because I hate to think how I might be misrepresented or misquoted.