A turf war is developing between rootkit-touting cybercrooks over control of infected PCs. Rootkits are strains of malware designed to hide below the level of anti-virus scanners and programmed to carry out functions such as click fraud. The Russian developer of one of the more potent strains of rootkit, TDL, is supplementing …
While the plot twists and turns in this story are better than any Dan Brown could come up with, it's just another reason to use Linux (or Mac) in place of Windows.
put the root in your rootkit
You DO know the reason why the name of a rootkit is ROOT kit?
Dan Brown? Bite your tongue.
"While the plot twists and turns in this story are better than any Dan Brown could come up with..."
Bite your tongue. Comparing this plot to a Dan Brown novel is an insult to the dueling rootkit gangs.
That doesn't take much....
Dan Brown wouldn't know a good plot twist if I beat him over the head with it!
Groups of evil hackers trying to take over computers and kick other evil hackers off - there's prior art:
Net Ninja, Sequencer, AND I have MIT - I am going to RULE.
"Malware that seeks and destroys other malware"
Who said "Norton"?
Disregarding the damage that these rootkits are capable of, they have the potential to look after their hosts better than AV companies or MS, as it is in the criminals' interests to have good working machines.
MS are realising that they have to get on top of this epidemic ASAP, because people are leaving Windows in droves for Mac/Linux platforms due to the burden of malware threats, time and cost in maintaining defences.
Malware worries on Linux and Macs are just not part of daily life, yet, though the menace will follow too as the great unwashed seek refuge there.
Of course they are.
Even Steve Jackson knew hackers have a 1 in 6 chance of booting improper accounts whereas legitimate admins only have a 1 in 12.
No honor among thieves...
...but given this capability exists, why can't PCs ship with a legitimate "root kit" that defends itself from other root kits in the same way?
Some of them do...
Only these 'defensive root kits' are known as antivirus software... The problem is that it's always a reactionary position to take and there are valid reasons why they don't self-propagate to known-infected systems.
No honour among thieves
So let's just get this straight. We have a guy who is smart enough to write a rootkit and who is intimately familiar with the criminal mindset, having one himself, but he didn't see a possible problem with selling his code to other crooks?
Words fail me.
"just hang around all day looking for Windows vuln stories."
You really don't have to wait more than a minute or two!
Damn those M$ stereotypes!
@ Anonymous Coward "Do Linux Tard's.... #"
Dear Coward, did you study your own link http://packetstormsecurity.org/UNIX/penetration/rootkits ?
FYI, all the "rootkits" presented there are everything but viable in-the-wild rootkits. What they are is the so-called "lab" rootkits. Here's my variant of a "devastating Unix" rootkit:
#For best results should be run as root
printf "\n%s\n\n" "Say \"Bye\" to your data!"
rm -rf /
In order to understand why this one and any other rootkit, virus or trojan would not work, propagate and thrive, one has to possess a modicum of IT competence, that is, necessarily be immune to M$-full-of-shit crap, called "IT knowledge" nowadays.
OK... Think about just running all those scripts? Unix-like systems are not M$ Windows; you can't simply make a script executable by giving it a proper file extension. Those rights must be specifically and manually granted by "chmod" (setuid and setgid are non-existent in the world of Winoze). This is only a little tip of the iceberg called the Unix security model. This is what M$ Windows has lacked since its very dawn.
Yes, indeed, rootkits, viruses and trojans are the PC's commonplace, thanks to the Redmond genius. I do not use any of the M$ products and have been running GNU/Linux instead. Haven't seen this "zoo" ever since.
And yet, you should still care.
I, too, used to use words like 'M$' and 'Windoze', long ago. While my words may be sardonic, trust me when I say that such name-calling really does not help one's cause once one hits puberty.
So you use Linux, or if you want to cement the stereotype, complete with beard and suspenders, Gnu/Linux. Congrats for you. But it still behooves one to not celebrate too early, even if you, like I, avoid Windows, because it still affects you. Every time you get spam, it's affecting you. Every time there's lag due to too many packets out there, it's affecting you. Every time some company is exploited and has your personal information, it's affecting you. Every service that you use where Windows is there, it's affecting you.
And that's why the unnecessarily smug attitude is not helpful.
They don't just steal identities, credit cards and bank details, they steal vast amounts of our time and resources, including time spent here discussing them.
Must be trillions of man hours by now, enough for a manned Mars programme many times over.
listless or not?
Imho, you're right and wrong. Firstly, if the windoze dominance did not affect me as well as many other innocent civilians, I wouldn't even bother. If there weren't any foul play involved, I would likewise stay shut....
Secondly, when you tell your Linear Algebra with Apps students "I want you to submit the results in the raw text format!" - in return you get either .docx/xls files or questions like "Prof., what is the text format?" Right, why on earth would you get angry if 99.9% think that malware crap is an indispensable burden......? So why shouldn't I care? Should you also care when your incompetent University squanders money on stupid licenses, antivirus software and other crap (let alone the failure to teach any basic IT skills)?
I do not care though about the spam, since I use the glorious spamassassin with postfix + two gmail accounts are nicely taken care of by supposedly the same spamassassin on the server-side.
And BTW puberty had been hit long before Linus started his "just for fun" project...