-=PCTechTalk=- Re: The final word on Confickr/Downadup/Kido including removal instructions
- From: "ml" <my2punkin@xxxxxxxxxxx>
- To: <pctechtalk@xxxxxxxxxxxxx>
- Date: Tue, 31 Mar 2009 16:46:02 -0700
all I can say some people have too much time on their dingy brains to be
causing so much trouble round the world. What they need is a good swift
butttt in the brain and land on their face in a pud muddle...I am plain sick
of this %^&$%#$ to the point of just shutting of the darn puter and that be
that. They are no more than punks.
----- Original Message -----
From: "Gman" <gman.pctt@xxxxxxxxx>
To: <pctechtalk@xxxxxxxxxxxxx>
Sent: Tuesday, March 31, 2009 1:52 PM
Subject: -=PCTechTalk=- Re: The final word on Confickr/Downadup/Kido
including removal instructions
> Hi Lil,
> The bug includes a timer that's set to go off sometime tomorrow (I
> would
> guess at midnight tonight). The design is for the bug to 'call home' for
> further instructions. With millions of them currently infecting machines
> around the world (most infections are in China, Russia and other far
> eastern
> countries), this botnet could be told to start doing almost anything.
> There
> are over 50,000 locations it can use to reach 'home' and there's no way
> for
> the security experts to identify & close them all. The experts' best
> guess
> is that they will definitely receive instructions to update the security
> sites they block to include the ones that were created since the last time
> the bug updated. They could also receive directions to start Spamming the
> world, launch Denial of Service attacks against major online sites, new
> methods to infect more systems, etc.. Right now, they are only focusing
> on
> infecting more systems, but the security folks have closed up most of the
> holes they've been using (which includes the patch I've been pushing here
> lately). If the worm writers have come up with new ways to get it into
> new
> systems, we'll be battling that soon, too.
>
> Since every infected system that remains online tomorrow will try to
> update itself (the entire botnet will likely take several days for all of
> them to get through to the controlling servers and get their
> instructions),
> it doesn't matter if a clean system stays offline. The online bugs will
> update their instruction set and try to carry out their new duties
> regardless. When you bring your system back online, those changes will
> already have been started.
>
> So, I'll be online just as much as I've always been, but I'll be
> spending much of my time at several security sites trying to keep up with
> reports on what this botnet seems to be doing with its new instructions.
> I
> have the patch in place, all of my security software is completely up to
> date, I know how to surf safely and I won't be randomly surfing around
> until
> I get a clear picture of what the botnet has been told to do. This isn't
> a
> time to hide our heads in the sand and stay offline, but treat the
> internet
> like a minefield for a few days until we know what the botnet is up to.
> Every security related company in existence will be working together to
> pounce on anything new that can be plugged and share that info with the
> other companies. Hopefully, whatever happens will be (relatively)
> contained
> within a reasonable period of time.
>
> I also predict that most of our trusted security apps will be getting
> major updates soon to battle whatever new attacks come out of all of this.
>
>
> We certainly do live in interesting times. lol
>
> Peace,
> Gman
> http://www.bornagainamerican.org
>
> "The only dumb questions are the ones we fail to ask"
>
> ----- Original Message -----
> From: "Lilian" <lilcruz.2@xxxxxxxxx>
> To: <pctechtalk@xxxxxxxxxxxxx>
> Sent: Tuesday, March 31, 2009 4:10 PM
> Subject: -=PCTechTalk=- Re: The final word on Confickr/Downadup/Kido
> including removal instructions
>
>
>> Gman,
>> I´ve had that patch since Oct 2008 (KB958644) so I guess its ok. But, I
>> am
>> curious as to how these nerds do their damage. They infect you with a
>> bug
>> which is programmed to go off on a certain date? Or is it programmed to
>> launch from a certain day onwards? The reason I ask is if we take the
>> day
>> off tomorrow (those who can of course...) and only switch back on on 02
>> April, would the virus still be active? If they give it a leeway of
>> several
>> days to activate, then we are stuck...
>>
>> Lil
>
> ---------------------------------------------------------------
> Please remember to trim your replies (including this sentence and
> everything below it) and adjust the subject line as necessary.
>
> To subscribe, unsubscribe or modify your email settings:
> http://www.freelists.org/webpage/pctechtalk
>
> To access our Archives:
> http://groups.yahoo.com/group/PCTechTalk/messages/
> http://www.freelists.org/archives/pctechtalk/
>
> To contact only the PCTT Mod Squad, write to:
> pctechtalk-moderators@xxxxxxxxxxxxx
>
> To join the PCTableTalk off-topic group, send a blank email to:
> pctabletalk+subscribe@xxxxxxxxxxxxxxxx
> ---------------------------------------------------------------
>
---------------------------------------------------------------
Please remember to trim your replies (including this sentence and everything
below it) and adjust the subject line as necessary.
To subscribe, unsubscribe or modify your email settings:
http://www.freelists.org/webpage/pctechtalk
To access our Archives:
http://groups.yahoo.com/group/PCTechTalk/messages/
http://www.freelists.org/archives/pctechtalk/
To contact only the PCTT Mod Squad, write to:
pctechtalk-moderators@xxxxxxxxxxxxx
To join the PCTableTalk off-topic group, send a blank email to:
pctabletalk+subscribe@xxxxxxxxxxxxxxxx
---------------------------------------------------------------
Other related posts: