US school in toothless Obama worm infection Security experts reckon a new low-threat worm that displays the image of President Obama on infected desktops is the work of technically-knowledgeable pranksters. Infections of the worm appear to be confined to scores of desktops at the same (unnamed) Illinois high school, which contacted its anti-virus supplier. The outbreak …
The smartest kid probably thought about doing something like that, then decided against it on the grounds that people are going to 100% treat it as a serious crime rather than a silly prank.
Hopefully they will just stop investigating it now .. its a waste of money and resources and whoever wrote it is probably a kid who is scared enough that he won't be repeating that mistake anytime soon.
"Couldn't it be fairly easily copied once you go, "Ah hah, that's a neat trick", without source being an issue?"
And how do you propose to get to that Aha moment? Can you read machine code or something?
Anyway, from what I heard the source code _is_ available for the network share exploit in metasploit so any doofus should be able to use it.
IIRC, Conficker "borrowed" the code for the wormable exploit from Metasploit anyway. (Which unsung tw@ decided that making *this* open-source was a good idea? As astonishingly dumb ideas go, that one deserves an award!). This has been widely reported, so I wouldn't be at all surprised if the lads behind this one did the same thing.
The other part of the Conficker attack involves a malformed autorun.inf which makes the end user think they're browsing the share rather than running something. This one's a Blue Peter* job. Finding where Conficker's been and snaffling one is trivial.
No innovation required for either attack vector then. The only surprise here is that world+dog are not in on the act by now.
*"Here's one I prepared earlier."
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
