Received surprise new Redmond licenses? You might be pwned

Black hats are flinging supposedly free licenses at enterprises in a bid to get malware on corporate networks, security bod Martin Nystrom says. They wrote malware that was slightly neurotic in its bid to evade detection and would make use of the Tor network to receive stolen data. The Cisco threat defence man said realistic …

  1. pierce
    Terminator

    put out a hit contract on the authors and operators of this crap, with orders to chop their fingers off.

    1. Anonymous Coward

      > put out a hit contract on the authors and operators of this crap, with orders to chop their fingers off.

      Really? It would be more interesting to find a way to sue the authors of code with such blatant weaknesses that it's still a risk to put a newly installed box anywhere near the Internet without a lot of extra protection. I had some hope that the Vista debacle would wake people up to the problem with a monoculture but no - good marketing and politics will always prevail over common sense.

      Licensing failures were one of the most overlooked business risks until FAST started to make a quick buck with it, so I can understand the nervousness - it's a perfect social engineering vector because it's so complex you'd think it was almost designed to be opaque so you have the fear for liability as a nice tool to play with. Add to this the fact that Windows is not exactly secure by design and it's actually a miracle this did not happen earlier.

      Having said that, you need to understand the corporate world for this one - I'd look for a minion of a large organisation as perpetrator.

      1. dogged

        > Really? It would be more interesting to find a way to sue the authors of code with such blatant weaknesses that it's still a risk to put a newly installed box anywhere near the Internet without a lot of extra protection.

        Ah, you mean "all current operating systems"?

  2. adnim
    Facepalm

    Plain text

    email.

    I presume all emails are phishing emails.

    I can understand the average user falling for a phishing scam, especially when emails are written in HTML and displayed as a web page.

    I don't understand how an IT professional can fall for such a trick. (Note the word professional).

  3. Anonymous Coward

    IT professional

    "I don't understand how an IT professional can fall for such a trick. (Note the word professional)."

    Easy answer. At least in the security realm. Steps required to become an "IT security professional"

    1- Label yourself as "IT security professional"

    2- Done

    1. Marc 13
      Facepalm

      Re: IT professional

      "I don't understand how an IT professional can fall for such a trick. (Note the word professional)."

      Because there's a lot of IT run by the guy (or gal) in the office who "knows about computers". They then get another job "in IT" because they "ran" the last company's IT.

      He/she is now an IT Professional. Q.E.D.

    2. fearnothing

      Re: IT professional

      As an IT security professional, I can attest to this.

      Seriously though. Don't trust the list of domains that Cisco's blog indicates are being used - I'm pretty sure it's incomplete.

  4. Fatman
    Linux

    "Surprise" Redmond licenses...

    What difference does it make?

    IF you use the operating system that comes from that global operating system monopoly, you are already infected with malware!!!!!!

    </snark!>
