Where are you now ...
Security watchers have discovered a virus strain that compromises VMware virtual machines as well as infecting Mac OS X and Windows computers and Windows Mobile devices. It demonstrates previously unseen capabilities in the process. The Crisis malware typically arrives in a Java archive file (.jar) and is typically installed by …
So long as you don't play the free porn video......
Here. First ever malware for Windows Mobile I think? But then it hasn't been updated for many years...
This isn't actually exploiting any vulnerability as far as I can see other than stupidity?
> This isn't actually exploiting any vulnerability as far as I can see other than stupidity?
It's a threat to all WP7 users then ;-)
both of them must be worried then .....
I was thinking more of Mac users. They are mostly journalists too stupid to use a computer or 'creative' types that left school with only a GCSE in Art....
Hardcoded IP for a command and control which it pings every five minutes.
Smells like amateur hour.
As does the article itself
Wait a minute, that's *my* IP they're using! The bastards!
Reminds me of the days on IRC when someone would post "TEACH ME TO HACK" on a channel and we told them to direct <whatever script was current> at 127.0.0.1. Strangely, they dropped offline then :)
I think most *nix related channels have had such experiences. Even so, I found that using addresses such as 127.10.45.65 proved to be way more effective than the "easily recognizable" default address.
This is listed on the Symantec and Sophos websites since 25th July. It's a bit late to be talking about it now isn't it?
It seems that Symantec has been detecting this type of jar delivered malware since 2010!
Or is it just the way it attacks VMware that makes it newsworthy?
I've always assumed the article delay was usually caused by having to think up a catchy sub-title. Not sure what happened here.
Yeah, it's the four-way whammy of VMware, Mac OS X, Windows and Windows Mobile (what's that?) that's new.
Wake me up when it has Linux support.
That will be when Linux grows past 1% market share....
1% in which market?
I'd bet it's because it's only just been revealed that this can affect Windows mobile devices - and the opportunity to take a swipe was too much to resist...
> the opportunity to take a swipe was too much to resist
What? It scans gestures too?
A virus that uses gestures <flick through patent applications>, sorry Apple own that one, it can no longer be used in the US. The rest of the world can freely be infected.
There was a write up in July...
Does it not say "tricks the user into installing"?
That's a Trojan then isn't it?
There's no trickery involved if transferred by an infected drive, AIUI.
Trojan = Malicious software that pretends to be something useful in order to trick user into running it.
> pretends to be something useful in order to trick
Like a giant wooden horse, for example. Someone should surely be able to find a use for that.
@Destroy all monsters: Thanks, your link to the previous story told me that a "Flash player java applet" is a "Java Archive file which pretends to be Adobe Flash Player"
The idea of Adobe writing a Flash installer in Java raises a smile, if nothing else
And if Adobe actually used Java to implement Flash it would probably be faster and less resource hungry.
"It demonstrates previously unseen capabilities in the process."
No it really does not. Spreading between differing OSes is not new, dropping via the web using social engineering is not new, nor is key-logging, rootkit install, killing AVs or pretty much everything else listed.
In fact I can still remember the first publicly recorded worm that could run unmodified on both Win and Linux boxes written by a member of the 29a. Sorry but having the binaries for three differing OSes is not really new or novel either.
Now the new question in certain circles will be 'But will it run Crisis?'
Does that specifically mean the old version, or Windows Phone also?
Hmm. My copy of Adobe Flash is incredibly buggy and slow. I wonder if there's anything I can replace it with -- oh, here's this e-mail, apparently Adobe has ported Flash to an incredibly buggy and slow platform! Surely that will work better!
This is clearly a Trojan Horse, as the first thing you need to do is to enter the system password. But yeah, let's sell MacOSX virus scanners for the Total-O-Bozos to protect them from themselves.
Surely Symantec, Kaspersky and M$ pay with nice advertising on the site for this Bull$hit news.
How dare you? It is highly disrespectful not to show sympathy for your fellow PC users suffering from all kinds of software pox. You know well that when there was last time a Linux virus (don't remember when was that, don't ask me, OK?) they were all trying to comfort you saying "it's OK, just run an antivirus software provided by an industry leader and you'll be protected". You heartless FOSS-er!
Now between the two of us, which distro do you like best?
Running KVM on LVM on Debian for virtualisation and Debian on the desktop, no worries, licensing bullshit, crippleware gauntlets, forced "upgrades" and general creepiness of one of the platforms of the great information parasites of the world (you know who they are :-))
Forgot to add "security software suite" blackmailing
I wouldn't feel quite so smug. Don't forget that the worst ever Internet worm infection (Morris worm) was on UNIX systems...
That doesn't change the facts as stated. It was the worst ever worm (took down much of the internet at the time) and it was only on UNIX systems.
Oh - and Microsoft was founded in 1975. Nice try though....
@Eadon. I seriously think you should take another look at the history books.
Microsoft was founded in 1975. The origins of the internet can be traced to the 1960s.
Having googled "the morris worm", I see that our trusty friend Wikipedia dates it at 1988 when Windows was just an unpopular GUI for use on top of DOS primarily found on isolated machines. On the other hand, Unix was a proper operating system that handled networking and ran the majority of systems connected to the early Internet. If writing an internet worm, platform just wasn't a choice.
That time was an age of innocence. The term "computer security" was unheard of. No operating system was really prepared. Unix just happened to prove to be more secure because it was a multi-user operating system. User accounts and file permissions made much of the difference. Code quality may also have had something to do with it.
Looking at his posts, RICHTO is clearly pro-Microsoft. But in this case, the argument was pointless. Comparing the relative vulnerability to an Internet worm of two systems from 1980-something, one rarely connected to the internet (MS-DOS or MS-DOS/Windows 2.0), the other commonly connected (Unix) is just not a balanced test. I believe any independently minded rational person will conclude that Microsoft has historically been exceptionally poor at handling security challenges. While I agree with your position in part, I felt compelled to correct you because you have made so many completely inaccurate statements when trying to argue your case.
1) The Morris worm escaped into the wild in November 1988, not 1982.
2) Maybe you did mean that Microsoft's share of the operating system market was non-existent. But what you wrote was that Microsoft did not exist. The two are very different.
3) "That computer security was unheard of is a myth." Ok, 'unheard' was a bit too strong a term. My bad. But it was not a widely understood risk. Your assertion that 1982 was "a decade before anyone had even heard of the Internet" is an equal abuse of language.
4) You incorrectly state that the Morris worm didn't cause damage. It didn't damage software or data but by preventing their use, caused harm in other ways such as financial.
Regardless of if this is pedantry or not, I defend the right to pedantry. Misinformation and misinterpretation get harder to correct the longer they're allowed to persist.
It would depend on what 'Unix' variant you compared, but in terms of enterprise Linux distributions, Windows has had fewer security vulnerabilities that were on average less critical and were fixed faster every year since 2003. (2002 was the year that Bill Gates set security as Microsoft's #1 priority.)
This is why internet facing Linux servers are so much less secure and more likely to be hacked than Windows ones - and the gap is widening!
Can it break out of a virtual machine?
Can it be stopped from getting onto a dormant virtual machine if the VM's virtual disk is encrypted?
I ask as a domestic user who is intending to use a VM for internet browsing, as an extra safeguard against nasties. I would say it is actually for a friend who might visit dodgy websites, but you lot will just say 'A friend. Yeah right, we believe you'