Internet Anthropologist Think Tank: wE are coNNecteD


    Friday, March 07, 2008

    wE are coNNecteD


    ZHadum writes: "9 February 2007, Moscow, Russian Federation.

    He was tired. It is a long flight from one part of the country to the capital. They arrived to meet him at Sheremet'evo. He looked over their heads.

    - Supposing somebody else? - one of them asked; they call him mister Z. His tricky smile sometimes really irritates Alexander. Mister Z created mighty things in the past, but for now he is retired, as are all the others from the group. Alexander didn't answer and pointed at the others.
    - I wouldn't say I like to see most of us.
    - Just leave it, 2002 is over, - said one of them, a lame man with a small cane. He smiled just like mister Z. Mister Z doesn't like it, because they were not friends and, more than that, almost enemies.

    13 February 2007, somewhere in Moscow.

    - It is wonderful, - she said. She was standing right by the window and could see a vista of part of the Moscow Kremlin.
    - I saw photos, - Alexander didn't look out the window and moved to the table where a heap of equipment was located: two notebooks (AMD Turion), several hard drives with overall capacity up to 1 Tb and a lot of wires.
    - You lost all of your romance, - she ascertained the fact.
    - And you have not? - he asked, by the way turning on the notebook power. The Windows 2003 R2 welcome screen appeared. Hard drives were blinking with blue lights. She moved and watched the login. R2 launched and restored the network connection. He started cmd.exe and typed

    ping http://******cops.com (actual name hidden, ZHadum remark)

    They waited a few seconds. Packets didn't come. 50% lost.
    He switched windows and launched Miranda. They were all here, waiting for assistance.
    - Huh, - she said and went to the bathroom.
    V: I'm getting 50% packet loss during ping
    Z: checking from outside
    Z: wait...
    Z: 75% are lost
    V: what is the peak of bandwidth?
    A: around 700 M/bits per second
    L: it is jumping through
    Z: growing baby
    V: can we locate the source of attack?
    Z: supposed to be no for now :)
    K: this attack isn't managed, fully automatic
    Z: sync-flood and teardrop, guess
    V: doesn't like that it is working, I'm still able to ping them
    K: and what are we supposed to do? storm doesn't answer, it is fully automatic
    Z: depends on the number of bots, guess this is not a network limit
    L: more to go :)
    He logged out and started the Opera browser. Then he typed a web resource address and began to wait; it was predictably slow. The network still held the line. Alexander smiled and turned off R2.

    1X February, the same place.
    "All your base are belongs to us", lalala
    He and she laughed a lot. Even mister L enjoyed such an approach.
    - Remembers old MSDOS times, - he said.
    Alexander nodded and again started laughing.
    On the Miranda screen they could see the last message:
    Peak bandwidth rate is 860 M/Bits per second

    1X February, the same place.
    "We are sorry, maintenance problems". F5 was pressed and the site was resolved to 127.0.0.1.
    The network was almost dead; bandwidth was around 1G/bit.
    - Can rdbot give the same results? - she asked mister L (she was always interested in network security).
    - If they gain more resources it is possible to shut down the whole target network.
    - It depends on what kind of hardware they have, - noted Z. - If they are rich... you can continue.
    - Guys and girls, did you read the stuff they are posting around? - Alexander smiled. - They tracked several bots and went to Moscow.
    - Bugaga, - said mister Z. - They can reach this result with a lot of other captured bots.
    - The Computer Police are coming, - she was in high spirits. "Computer Police" was something unreal and unknown for this country, well, because most of its members were totally lame and nobody really wanted to do his job; it all doesn't matter.
    - That's a Storm problem, - mister L said.
    - The attack strength will decrease as the bots die, - added mister L. - Three days maximum.
    - Storm Manipulation stage complete, - said Alexander and turned the notebook power off."

    http://www.rootkit.com/blog.php?newsid=859

    http://snipurl.com/217xs

    zzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz

    1. Is The Storm Worm Finally Blowing Over?
    Spam report from Marshal says yes. But other security vendors have their doubts.

    http://nl.internet.com/ct.html?rtr=on&s=1,3u4y,1,kzrs,husy,4kcc,do3i

    ------------------------------------------------------------
    2. 3/6: Monagrey Trojan Still in the Wild
    Security vendors continue to issue alerts for W32/Monagrey, a Trojan that will infect
    Windows systems, terminate applications and modify IE start page.

    http://nl.internet.com/ct.html?rtr=on&s=1,3u4y,1,fgvh,4ecz,4kcc,do3i

    ------------------------------------------------------------
    3. 3/6: Wince_Infojack.A Worm Runs in Mobile Devices
    Wince_Infojack.A is a worm that is designed to run in the Windows CE environment used in
    mobile devices.

    http://nl.internet.com/ct.html?rtr=on&s=1,3u4y,1,29ca,dy6r,4kcc,do3i

    ------------------------------------------------------------
    4. 3/6: Backdoor.Sanjicom Trojan Uses Rootkit
    Backdoor.Sanjicom is a Trojan horse that opens a back door on the compromised computer
    and uses a rootkit to avoid detection.

    http://nl.internet.com/ct.html?rtr=on&s=1,3u4y,1,kmn4,fl5c,4kcc,do3i

    ------------------------------------------------------------
    5. 3/5: Trojan.Mdropper.AA May Download Malicious Files
    Trojan.Mdropper.AA is a Trojan horse that may download potentially malicious files on to
    the compromised computer.

    http://nl.internet.com/ct.html?rtr=on&s=1,3u4y,1,bm63,htk6,4kcc,do3i

    ------------------------------------------------------------
    6. 3/5: Mytob.SA Mass-Mail Worm Lowers Security Settings
    W32.Mytob.SA@mm is a mass-mailing worm that opens a back door and lowers security
    settings on the compromised computer.

    http://nl.internet.com/ct.html?rtr=on&s=1,3u4y,1,5ct1,7iux,4kcc,do3i

    ------------------------------------------------------------
    7. 3/5: Drop-J a Windows Trojan
    Troj/Drop-J is a Windows Trojan.

    http://nl.internet.com/ct.html?rtr=on&s=1,3u4y,1,jt15,j61l,4kcc,do3i

    ------------------------------------------------------------
    8. 3/5: Agent-GRI Trojan Installs Itself in Registry
    Troj/Agent-GRI is a Trojan that installs itself in the system registry.

    http://nl.internet.com/ct.html?rtr=on&s=1,3u4y,1,a439,5jkv,4kcc,do3i

    ------------------------------------------------------------
    9. 3/5: Delf.APB Trojan Drops Files, Deletes Hosts File
    W32/Delf.APB is a Trojan that will infect Windows systems.

    http://nl.internet.com/ct.html?rtr=on&s=1,3u4y,1,9pt9,kfyn,4kcc,do3i

    ------------------------------------------------------------
    10. 3/5: Banker.KTG Trojan Steals Passwords
    Banker.KTG is a Trojan whose main objective is to steal passwords from the affected
    computer.

    http://nl.internet.com/ct.html?rtr=on&s=1,3u4y,1,hebr,ckcd,4kcc,do3i

    ------------------------------------------------------------
    11. 3/5: SymbOS.Kizaha.A Trojan Dropped Into Compromised Devices
    SymbOS.Kizaha.A is a Trojan that is dropped into compromised devices by
    SymbOS.Multidropper.A.

    http://nl.internet.com/ct.html?rtr=on&s=1,3u4y,1,hu7m,l46g,4kcc,do3i

    ------------------------------------------------------------
    12. 3/5: PWSDla-Gen an Information-Stealing Trojan
    Troj/PWSDla-Gen is an information-stealing Trojan for the Windows platform.

    http://nl.internet.com/ct.html?rtr=on&s=1,3u4y,1,10gx,909s,4kcc,do3i

    ------------------------------------------------------------
    13. 3/5: PWSDlb-Gen Trojan Steals Information
    Troj/PWSDlb-Gen is an information-stealing Trojan for the Windows platform.

    http://nl.internet.com/ct.html?rtr=on&s=1,3u4y,1,20gl,k43u,4kcc,do3i

    ------------------------------------------------------------
    14. 3/5: VirFire-A a Windows Virus
    W32/VirFire-A is a virus for the Windows platform.

    http://nl.internet.com/ct.html?rtr=on&s=1,3u4y,1,aacb,ke2c,4kcc,do3i

    ------------------------------------------------------------
    15. 3/5: Sdbot-DKE Worm Copies Itself, Creates Files
    W32/Sdbot-DKE is a worm for the Windows platform.

    http://nl.internet.com/ct.html?rtr=on&s=1,3u4y,1,eeng,gqs6,4kcc,do3i

    ------------------------------------------------------------
    16. 3/5: Dwnldr-ZLA Trojan Drops, Executes Files
    Troj/Dwnldr-ZLA is a Trojan for the Windows platform.

    http://nl.internet.com/ct.html?rtr=on&s=1,3u4y,1,g0ld,f8ic,4kcc,do3i

    ------------------------------------------------------------
    17. 3/5: Monagrey Trojan Modifies IE Start Page
    Monagrey is a Trojan that modifies IE start page and prevents common applications from
    running.

    http://nl.internet.com/ct.html?rtr=on&s=1,3u4y,1,fqvt,bycc,4kcc,do3i

    ------------------------------------------------------------
    18. 3/4: Agent.FRV Trojan May be Unknowingly Downloaded
    Troj_Agent.FRV is a Trojan that may be downloaded unknowingly by a user when visiting
    certain malicious Web sites.

    http://nl.internet.com/ct.html?rtr=on&s=1,3u4y,1,alsg,64ys,4kcc,do3i

    ------------------------------------------------------------
    19. 3/4: Agent-GRF Trojan Copies Itself
    Troj/Agent-GRF is a Trojan for the Windows platform.

    http://nl.internet.com/ct.html?rtr=on&s=1,3u4y,1,62nn,feve,4kcc,do3i

    ------------------------------------------------------------
    20. 3/4: Agent-GRE Trojan Installs File
    Troj/Agent-GRE is a Trojan for the Windows platform.

    http://nl.internet.com/ct.html?rtr=on&s=1,3u4y,1,1hhb,m80z,4kcc,do3i

    ------------------------------------------------------------
    21. 3/4: Repet-A a File Infector With Backdoor Functionality
    W32/Repet-A is a file infector with backdoor functionality.

    http://nl.internet.com/ct.html?rtr=on&s=1,3u4y,1,gu8w,65t2,4kcc,do3i

    ------------------------------------------------------------
    22. 3/4: Agent.FRV Trojan May be Unknowingly Downloaded
    Troj_Agent.FRV is a Trojan that may be downloaded unknowingly by a user when visiting
    certain malicious Web sites.

    http://nl.internet.com/ct.html?rtr=on&s=1,3u4y,1,gs70,et3u,4kcc,do3i

    ------------------------------------------------------------
    23. 3/4: OnLineGames.RYH Trojan Infects Windows Systems
    W32/OnLineGames.RYH is a Trojan that infects Windows systems.

    http://nl.internet.com/ct.html?rtr=on&s=1,3u4y,1,4k9m,fiwy,4kcc,do3i

    ------------------------------------------------------------
    24. 3/4: Vimm Virus Infects Executable Files on Local, Remote Drives
    W32.Vimm is a virus that infects executable files on local and remote drives.

    http://nl.internet.com/ct.html?rtr=on&s=1,3u4y,1,kvt0,8vdk,4kcc,do3i

    ------------------------------------------------------------
    25. 3/4: Trojan.Monagrey Displays Virus Message
    Trojan.Monagrey is a Trojan horse that displays a message stating that the computer is
    compromised by the "MonaRonaDona" virus.

    http://nl.internet.com/ct.html?rtr=on&s=1,3u4y,1,59ea,g571,4kcc,do3i

    ------------------------------------------------------------
    26. 3/4: SymbOS/Kiazha.A Trojan Attempts to Extort Money From Device User
    SymbOS/Kiazha.A is a Trojan that attempts to extort money from the device user.

    http://nl.internet.com/ct.html?rtr=on&s=1,3u4y,1,2589,db1b,4kcc,do3i

    ------------------------------------------------------------
    27. 3/4: SymbOS/MultiDropper.CR Trojan Signs User Up to QQ Account
    SymbOS/MultiDropper.CR is a Trojan that attempts to sign the user up to a QQ account.

    http://nl.internet.com/ct.html?rtr=on&s=1,3u4y,1,fyyu,d5v6,4kcc,do3i

    ------------------------------------------------------------
    28. 3/4: SymbOS/SmsSend.F Malware Sends Random SMS Messages
    SymbOS/SmsSend.F is malware that randomly sends SMS messages to a preset number.

    http://nl.internet.com/ct.html?rtr=on&s=1,3u4y,1,1ga6,45vf,4kcc,do3i

    ------------------------------------------------------------
    29. 3/4: SymbOS/SmsSend.G Trojan Forwards User's SMS to Number
    SymbOS/SmsSend.G is a Trojan that forwards the user’s SMS to a phone number in a
    configuration file.

    http://nl.internet.com/ct.html?rtr=on&s=1,3u4y,1,f815,ls6j,4kcc,do3i

    ------------------------------------------------------------
    30. 3/4: SymbOS/Beselo Worm Spreads Via MMS
    SymbOS/Beselo is a worm that is distributed in a SIS file named "beauty.jpg."

    http://nl.internet.com/ct.html?rtr=on&s=1,3u4y,1,i77f,lwox,4kcc,do3i

    ------------------------------------------------------------
    31. 3/3: ExePage-A Trojan Detects Malicious Web Pages
    Troj/ExePage-A Trojan detects malicious web pages that will attempt to automatically
    download EXE files.

    http://nl.internet.com/ct.html?rtr=on&s=1,3u4y,1,if6h,hgjn,4kcc,do3i

    ------------------------------------------------------------
    32. 3/3: SillyW-A a Windows Virus
    W32/SillyW-A is a virus for the Windows platform.

    http://nl.internet.com/ct.html?rtr=on&s=1,3u4y,1,kly5,hdbr,4kcc,do3i

    ------------------------------------------------------------
    33. 3/3: Scrapkut-A a Windows Worm
    W32/Scrapkut-A is a worm for the Windows platform.

    http://nl.internet.com/ct.html?rtr=on&s=1,3u4y,1,5ubo,lr42,4kcc,do3i

    ------------------------------------------------------------
    34. 3/3: Diehard.EV.Downloader Trojan Drops Files, Modifies Registry
    W32/Diehard.EV.Downloader is a Trojan that will infect Windows systems.

    http://nl.internet.com/ct.html?rtr=on&s=1,3u4y,1,bxs0,h93f,4kcc,do3i

    ------------------------------------------------------------
    35. 3/3: Mdrop-BQG a Windows Trojan
    Troj/Mdrop-BQG is a Trojan for the Windows platform.

    http://nl.internet.com/ct.html?rtr=on&s=1,3u4y,1,jsli,hgnc,4kcc,do3i

    ------------------------------------------------------------
    36. 3/3: Looked-EF an Executable File Virus
    W32/Looked-EF is an executable file virus for the Windows platform.

    http://nl.internet.com/ct.html?rtr=on&s=1,3u4y,1,alie,3amu,4kcc,do3i

    ------------------------------------------------------------
    37. 3/3: Anpir-A Worm Targets Windows
    W32/Anpir-A is a worm for the Windows platform.

    http://nl.internet.com/ct.html?rtr=on&s=1,3u4y,1,mgyq,citf,4kcc,do3i

    ------------------------------------------------------------
    38. 3/3: ZlobDr-H Trojan Hits Windows
    Troj/ZlobDr-H is a Trojan for the Windows platform.

    http://nl.internet.com/ct.html?rtr=on&s=1,3u4y,1,jslw,273q,4kcc,do3i

    ------------------------------------------------------------
    39. 3/3: Scrapkut.worm Sends Orkut Users Scraps of Itself
    W32/Scrapkut.worm attempts to spread itself by sending orkut users scraps that contain
    the link to the worm itself.

    http://nl.internet.com/ct.html?rtr=on&s=1,3u4y,1,8709,dxsh,4kcc,do3i

    Gerald
