Latest worm ( MyDoom ) has professional twist (Computer experts blame spammers)

AJC.com ^ | 1/28/04 | Bill Husted

[Feiny]

I did a virus check & didn't have this worm....but did find 1 other worm & 1 virus....my bosses kids use my computer & I have not run a virus check since around Thanksgiving. It was my fault for being lazy, but I never open any attachments unless the person sending has told me it is on the way.

I ran Mcafee & found 2....Norton told me I had none. Whats up with that?

[tacticalogic]

That's the one. I'm on a dialup, and when blaster hit, I got infected twice during the process of trying to d/l the update. After the second time I got fed up with it and created a 0 byte file in my Windows directory, named it msblast.exe, and made it read only.

[rit]

Again, thank you for the detail. This seems to diminish the perception that the MyDoom virus was spread mostly through the auto preview mode. It is more likely 99.9% falls back on the user who explicitly opened the attachment.

Given that CNN reported the anticipated cost of MyDoom at $250M, and that the virus has been classified as the fastest spreading virus ever, we must consider the possibility that the reactionary A/V and filtering model is insufficent to solve the spam/virus problem.

[wimpycat]

My computer automatically scans for viruses every Friday night at 8:00. I do have a permanent connection, but my modem has a "pause" button that blocks all traffic. I usually hit the pause button during the day while I'm at work, and before I go to bed at night.

Curiosly enough, I do have automatic live update enabled, but I still manually run live update, and I still get new downloads. But I don't see where it even allows me to set up a schedule to automatically download definitions.

[Golden Eagle]

I ran Mcafee & found 2....Norton told me I had none. Whats up with that?

Sorry to hear that, but just further proof the sneaky bastards are getting better and better. Kids make it almost impossible to defend everything, too. ;-)

[Golden Eagle]

Given that CNN reported the anticipated cost of MyDoom at $250M, and that the virus has been classified as the fastest spreading virus ever, we must consider the possibility that the reactionary A/V and filtering model is insufficent to solve the spam/virus problem.

Sorry but I think that's the wrong conclusion. First there are always questions about the validity of these estimates, and the first ones have been from overseas sources. Second, this attack while sophisticated was not that revolutionary, and those with adequate defenses, defenses that have been raised recently due to other similar events, were therefore much better prepared to block it.

I think what the overall result is, even though hacker sophistication remains high, overall protection of critical data secured by professionals is exceptional, and suffered little damage testifying to the truths of security practice, but the mostly poorly prepared home users are receiving the brunt of virii attacks now, and will likely in the future. Before it was both receiving damage, so we are making progress, mainly by advances in technology and sophistication of operators. The current model is strong, by those who choose or can afford to enforce it.

[rit]

Agreed that the CNN 250M is an estimate, but even if the damage is half, it is still too expensive for where we should be. I am questioning if A/V is the yet to be perfected solution, or, if something more is required.

[Lawgvr1955]

I haven't gotten it either and I have six different email accounts. On all my boxes I run Nortons and Zone Alarm Pro for the firewall. One of my ISPs run a virus scan on email, so I feel pretty safe.

[Golden Eagle]

I am questioning if A/V is the yet to be perfected solution, or, if something more is required.

With proper configuration, yes it's close but technology doesn't "close the loop" to use a technical term and user interaction is most often the final weakest link in the process, of which there is no ultimate protection with the currently configured landscape.

[steve-b]

Ready to 'fess up and write 100 times "I AM VERY SORRY THAT I SPREAD SLANDERS"?