Sony Pictures MEGAHACK: Securobods pull out probes, analyse badness

Security experts have been able to obtain and analyse samples of the malware linked to the Sony Pictures breach. An FBI advisory issued on Monday, leaked to Reuters, warned US businesses to be vigilant about a new strain of “destructive” malware. The link between the Sony breach and the malware described by the FBI is yet to …

  1. Anonymous Coward

    BKDR_WIPALL.

    For those of you who coded this nasty you are; A_BNCH_OF_CNTS.

    1. Jan 0

      Re: BKDR_WIPALL.

      Nasty? I can't think of anything nicer than your description. It reminds me of my favourite line in Luke Rinehart's "The Dice Man".

      1. Anonymous Coward

        Re: BKDR_WIPALL.

        Which line? The one about raping his neighbor?

        1. Jan 0

          Re: BKDR_WIPALL.

          No, the one about a bagful.

  2. Anonymous Coward

    Boo Hoo

    Poor old Sony, thanks for the CD rootkits and driver restrictions on Vaios.

    1. chris lively

      Re: Boo Hoo

      I think Sony is getting what it deserves. I won't shed a tear for them.

      1. VinceH

        Re: Boo Hoo

        Yeah. On the one hand I agree with the sentiment of AC at the very top on general principles, but on the other, this is Sony, and I can't help but think along these lines.

    2. Just Enough Silver badge

      Re: Boo Hoo

      I wonder if all those rubbing their hands with glee at this happening to the employees of an unrelated division of Sony would be as delighted if it happened to their company?

      All it needs is some self-appointed vigilante to decide that they don't like something your company did 10 years ago, and it'd be your personal info getting hacked and leaked. It would be your personal projects getting wiped. Still funny?

      1. Anonymous Coward

        Re: Boo Hoo

        When you choose to work for a company known to engage in immoral practices then there shouldn't be any surprise.

  3. Florida1920
    Joke

    "I am still shocked the Sony attackers exfiltrated TERABYTES of data without being noticed," said convicted hacker turned security consultant Kevin Mitnick.

    Other than that, how did you like the movies, Kevin?

    1. Anonymous Coward

      ooh

      That was cruel.

  4. Uncle Siggy

    hand jive

    Sony's infrastructure has had more hands on it than a Detroit Police Department (OCP) cop's car hood.

  5. Guido Brunetti
    Big Brother

    Proof the N.Koreans did it

    http://i.kinja-img.com/gawker-media/image/upload/s--7iigPzJ9--/18ir476zicywojpg.jpg

    Evil hackers at work!

    1. JCitizen
      Mushroom

      Re: Proof the N.Koreans did it

      HA! Good one Guido!

  6. Message From A Self-Destructing Turnip
    Gimp

    Root

    "Once logged in, the malware attempts to grant full access to system root to everyone on the network."

    Open wide and say my name...

  7. Destroy All Monsters Silver badge
    Gimp

    "Probably not a problem"

    Yup, this sure is some anomalous material standard insertion procedure, green flashes and panicky cries and all.

    Just chalk it up to "blowback from seriously bad behaviour in the 30's" and be done with it.

  8. RAMChYLD
    WTF?

    wait

    format *.*? That syntax is nonsense. Format requires the drive letter.

  9. channel extended

    Data Mining?

    Finally a good use for 'big data'.

  10. naive

    Complexity is a defense too

    Easy to laugh about Sony, but it shows how vulnerable IT has become these days; nothing seems safe from hacking teams with huge research budgets.

    Given the fact that *everything* can be hacked, perhaps complexity should be brought in as an additional weapon. Yes it is efficient to have everything on virtualized Windows machines with a standard off the shelf storage box, deploy network access guarded by standard network appliances provided by somebody with the largest market share.

    In nature, differences in genes protect humanity from completely dying off from a single disease.

    (re)Introducing AIX, DB2, Oracle and Linux file serving instead of the obvious MS-soup, perhaps use an alternative authentication schema instead of AD might just be the steps which could protect against being overrun completely and have all your data on the street. Yes parts of it could perhaps still be stolen, and everything still has its own vulnerabilities, but the increase in diversity makes it harder to get complete access.

    1. Where not exists

      Re: Complexity is a defense too

      The green screen shot posted at krebsonsecurity.com shows that Sony does run on multiple platforms. But these days it's very easy to grab data off the mainframe, so data like that shown in the screen shot could have easily been exported by users and grabbed off their hard drives by GOP.

  11. tony2heads

    Hardcoded machine names, user names & passwords

    Suggest an inside job

    1. steamrunner

      Re: Hardcoded machine names, user names & passwords

      ... or information gathered during a previous hack/attack that hasn't been disclosed.

      Rule One: Don't talk about... er... ah, sorry, wrong meme. Rule One: Make no assumptions.

  12. This post has been deleted by a moderator

    1. Where not exists

      compliance laws and rising costs

      Yes, this one is going to cost us all. I'm dreading what new regs we will get whacked with after this.

  13. Phil Holden 1

    Format *.*

    Format *.*

    Eh? What is this tripe? An explanation for new DOS users?
