Linux.com

Feature: Security

MyDoom virus hammering Windows systems

By Chris Preimesberger on January 26, 2004 (8:00:00 AM)


SECOND UPDATE A new Windows virus, called MyDoom (officially, W32/Mydoom@MM) and circulating in the form of a 32K Zip file, began hitting corporate and private e-mail boxes Monday at about 1 p.m. Pacific Standard Time. It masquerades as a Kazaa P2P component and tries to embed itself in the Kazaa shared folder for music and other file-swapping.

The virus, also known as Novarg and Shimgapi, apparently affects only Windows 95 systems and later. Macintosh, Linux, UNIX, Windows 3.X, DOS, and OS/2 systems are not affected.

It was quickly spreading Monday through email and the Kazaa network, the latter of which averages anywhere from 2 million to 5 million users at any given time.

F-Secure, an Internet security software maker based in Finland, came out with a detailed report later Monday afternoon in which it said "the worm opens Notepad with garbage data in it. It also attacks SCO.com with a DDoS-attack."

As of 5:15 p.m. PST, the SCO Group's Web site was up and running despite the threat.

"In one hour, Network Associates itself received 19,500 e-mails bearing the virus from 3,400 unique Internet addresses," Network Associates vice-president Vincent Gullotto told C/net. Network Associates is the maker of McAfee Security antivirus software.

Once the virus is embedded in a computer, it installs a program that allows the computer to be controlled remotely. The PC then starts sending data to the SCO Group's Web server, a Symantec spokesman told C/net. Cupertino, Calif.-based Symantec also published a detailed report.

McAfee posted one of the first analyses of the worm Monday afternoon. The virus package, which contains an infected .pif, .scr, .exe, or .cmd file, is sent from spoofed email addresses. Early on it usurped the names of familiar IT-related sites, including NewsForge.com, The Street.com, PCMag.com, Circuitnet.com, AOL.com, FoxNews.com, BEA.com, and Yahoo.com. The virus takes addresses from an infected machine's Outlook address book.

Some of the infected messages are disguised as "Mail Delivery System" notices or error messages. Often they carry no header text and nothing typed in the message body.

The icon used by the file tries to make it appear as if the attachment is a text file, McAfee says in its description. When the file is run, it copies itself into the computer registry to hook the computer startup. From there it creates a DLL in the Windows system directory and opens a connection on TCP port 3127, suggesting remote access capabilities, McAfee said.

When the virus is executed, it opens Notepad filled with nonsense characters. Security experts continue to examine the package.
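The indicators the article lists (a Zip attachment carrying a .pif, .scr, .exe or .cmd file, bounce-style subjects with an empty body, and a listener on TCP port 3127) turned into a small triage script. This is an added example, not code from the article or from F-Secure, McAfee or Symantec; the gateway log format, the message records and the netstat lines are constructed for illustration.

```python
# Triage helpers built from the indicators this article describes (added example,
# constructed sample data; not the article's or any vendor's code).
import re
from typing import Dict, List

# Article: the worm's Zip file carries an infected .pif, .scr, .exe or .cmd file.
PAYLOAD_EXTENSIONS = {".pif", ".scr", ".exe", ".cmd"}
# Article: the dropped DLL opens a connection on TCP port 3127.
BACKDOOR_PORT = 3127
# Article: some copies pose as "Mail Delivery System" or error messages with an empty body.
BOUNCE_PHRASES = ("mail delivery system", "error")

# Constructed mail-gateway records (not a real log format): one key=value line per message.
SAMPLE_MAIL_LOG = """\
msgid=1 from=news@foxnews.com subject="Mail Delivery System" body_len=0 attach=message.zip inner=message.pif
msgid=2 from=alice@example.org subject="lunch?" body_len=212 attach=- inner=-
msgid=3 from=editor@pcmag.com subject="Error" body_len=0 attach=report.zip inner=report.scr
msgid=4 from=bob@example.org subject="Q1 numbers" body_len=980 attach=q1.zip inner=q1.xls
"""

FIELD_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')

def parse_record(line: str) -> Dict[str, str]:
    """Split one constructed log line into fields, dropping the quotes."""
    return {key: value.strip('"') for key, value in FIELD_RE.findall(line)}

def triage_message(rec: Dict[str, str]) -> List[str]:
    """Return the article's indicators that a message matches (empty list = clean)."""
    reasons = []
    inner = rec.get("inner", "-").lower()
    ext = inner[inner.rfind("."):] if "." in inner else ""
    if rec.get("attach", "-").lower().endswith(".zip") and ext in PAYLOAD_EXTENSIONS:
        reasons.append(f"zip carries executable payload {inner}")
    subject = rec.get("subject", "").lower()
    if any(p in subject for p in BOUNCE_PHRASES) and rec.get("body_len") == "0":
        reasons.append("bounce-style subject with empty body")
    return reasons

def flagged_messages(log: str) -> Dict[str, List[str]]:
    """Map msgid -> matched indicators for every record that hits at least one."""
    hits = {}
    for line in log.splitlines():
        rec = parse_record(line)
        reasons = triage_message(rec)
        if reasons:
            hits[rec["msgid"]] = reasons
    return hits

# Constructed 'netstat -an' style lines from a Windows host; 0.0.0.0:3127 is the tell.
SAMPLE_NETSTAT = """\
  TCP    0.0.0.0:135        0.0.0.0:0          LISTENING
  TCP    0.0.0.0:3127       0.0.0.0:0          LISTENING
  TCP    192.0.2.10:1045    198.51.100.7:80    ESTABLISHED
"""

def backdoor_listeners(netstat: str) -> List[str]:
    """Return local TCP sockets listening on the port the article associates with the worm."""
    found = []
    for line in netstat.splitlines():
        parts = line.split()
        if len(parts) == 4 and parts[0] == "TCP" and parts[3] == "LISTENING":
            if parts[1].rsplit(":", 1)[1] == str(BACKDOOR_PORT):
                found.append(parts[1])
    return found
```

Running `flagged_messages(SAMPLE_MAIL_LOG)` flags records 1 and 3 on both indicators and leaves the ordinary mail alone; `backdoor_listeners(SAMPLE_NETSTAT)` returns the single 3127 listener.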


Comments

on MyDoom virus hammering Windows systems

Note: Comments are owned by the poster. We are not responsible for their content.

Decoding

Posted by: interiot on January 27, 2004 08:49 AM
It's UPX-compressed, and part of the exe is rot13-encoded. It looks like it goes under one of these names when trying to spread via Kazaa:

    nuke2004, office_crack, rootkitXP,
    strip-girl-2.0bdcom_patches, activation_crack, icq2004-final, winamp5


But I'm not sure why it's spread sooo incredibly fast.

The worm includes this HTTP request header:

    GET / HTTP/1.1
    Host: www.sco.com

And sure enough, sco.com is inaccessible now. So it's not completely evil. ;)


sorry..

Posted by: Anonymous Coward on January 27, 2004 09:18 AM
Sco still up,


Re:sorry..

Posted by: Anonymous Coward on January 27, 2004 02:07 PM
No it's not.


Re:sorry..

Posted by: Enquest on January 27, 2004 07:54 PM
it is


Re:sorry..

Posted by: Anonymous Coward on January 28, 2004 02:33 AM
Whooohooo


Re:sorry..

Posted by: Anonymous Coward on January 29, 2004 02:02 AM
beefy hot beef!


Re:sorry..

Posted by: Anonymous Coward on January 27, 2004 08:51 PM
I noticed it was down earlier too but came back up. This is odd seeing as the virus isn't supposed to begin the DoS until *** FEB 1st ***. It is VERY odd that www.sco.com would have gone down before that. Maybe SCO got DoS happy and jumped the gun and took their own systems down in an effort to pre-emptively start the DoS...


Re:sorry..

Posted by: Daniel Watkins on January 28, 2004 03:04 AM
But surely SCO are using Unix with all the code we copied? :p


conspiracy theory...

Posted by: Sam Leathers on January 27, 2004 12:59 PM
hmmm... who would benefit most from SCO being attacked... let's see... SCO's suing Linux... so the obvious answer would be Linux... but let's dig a little deeper... what if Linux is being framed by something bigger... I mean, why would a Linux user take the time to learn how to program a Windows program that interacts with other Windows programs? It doesn't make sense, just to attack SCO... I propose maybe some big corporation that hates Linux wrote this virus, as another effort to slam the Linux community, and make people think the Linux community is only a bunch of hackers trying to ruin your machine... Think about it logically... Who would benefit most from SCO being attacked by a virus???


Yep they forgot the Most evil Mico$oft

Posted by: Anonymous Coward on January 27, 2004 01:46 PM
It's simple for Linux personnel to build Windows programs; why would we waste our time if we did not hit Microsoft while we were at it.

Basically, come on Microsoft, give away a non-crackable version of Windows to make up for all of your stuff-ups. Or at least harder than this one. I.e. virus scanner, firewall and some good user docs on setting them up correctly. And the final one: how to make a bootable CD-ROM to clean-scan systems. (I use this all the time)


Re:conspiracy theory...

Posted by: RJDohnert on January 27, 2004 02:23 PM
disasm you are an idiot. I think your post is nothing more than trolling and I think you are acting immature.

Grow up


Micro$oft has you under its thumb

Posted by: Anonymous Coward on January 27, 2004 03:40 PM
Who's being the idiot? Name calling won't get you anywhere and immaturity goes with it! Disasm has a point and has the right to an opinion!!!


Re:conspiracy theory...

Posted by: Anonymous Coward on January 27, 2004 05:59 PM
I'd have to agree with you here. All of Disasm's post is clearly FUD and not based on any actual proof, or indeed reason! Just someone who seems to be obsessed with grand conspiracy theories. Insane!


Re:conspiracy theory...

Posted by: OwlWhacker on January 27, 2004 06:06 PM
Actually I think you'll find that he has a point.

Anybody that wants to give Linux users a bad name could create a virus to perform a DDoS attack on SCO's Website. Linux users will be the primary suspect, especially due to the current situation between SCO and Linux. A bit of negative press toward Linux always seems to help SCO make a bit more cash.

Perhaps you'd like to explain why you feel this opinion is so foolish?


Re:conspiracy theory...

Posted by: Anonymous Coward on January 27, 2004 09:57 PM
It's stupid because why does it matter whether the programmer is a linux user or a windows user? It's still just some guy who wanted to attack SCO. You can't blame every linux user for one guy's actions.


Re:conspiracy theory...

Posted by: Anonymous Coward on January 28, 2004 12:23 AM
"You can't blame every linux user for one guy's actions."

Ahh, yes, but people will. And that's why his comments are not so far-fetched. Sure, the conspiracy theory stuff may be, but it's still fun to think about.

My thought was, someone who doesn't like Kazaa (recording industry maybe???) threw in the SCO thing and added the common Outlook functionality to detract from the real source. Of course there is no proof, but it makes for some entertaining thoughts as long as it's never considered seriously.


Re:conspiracy theory...

Posted by: Anonymous Coward on January 28, 2004 01:13 AM
This conversation is incredible. I didn't realise the average age of Newsforge readers was so low. I've never posted before but for some reason felt compelled to on this occasion.

Before you post please ask yourself this question 'does anybody really care about what I am about to say?'.


Re:conspiracy theory...

Posted by: Sam Leathers on January 28, 2004 01:40 PM
If you read CNN, my motive for posting this comment was just justified. The Linux war' weapon - CNN

I was merely pointing out that the Linux community is going to be framed, and the virus was more likely written by a Windows programmer than a Linux programmer. Granted, I came off a little conspiracyish, but I did submit it at a pretty late hour in the night ;-)


Re:conspiracy theory...

Posted by: Sam Leathers on January 28, 2004 01:34 PM
i never blamed microsoft in general. i merely suggested that it is most likely a sympathizer/proponent of microsoft, due to the fact that most knowledgeable people in the open source community have no reason whatsoever to write a windows virus to wreak havoc. Most of them are already involved in their own projects. My theory does have some analytical proof behind it. I am friends with numerous people in the open source community, and average ms visual c++/vb/other windows language, and I have never had someone from the open source community say look at what cool new bug/exploit/virus for windows i wrote!!! however, on the other hand, my windows friends are always bragging about exploits they pull in windows, and virii to write it. Also, history shows most virii are not distributed and written by the same people. Usually a white paper is written by a knowledgeable person, someone comes across it, and writes a simple program using that concept to wreak havoc on the windows camp.


Also, in my defense, I merely hypothesized a credible situation, I never admitted it as fact. It was merely a teaser to get people minds thinking, I had no intention to come across as fact.


By the way, my post was much more profound than yours. i did not make one name-calling statement, and I left it up in the air as to who could be behind the virus, where you called me a "troll".


Try to post more professionally,


Re:conspiracy theory...

Posted by: Anonymous Coward on January 29, 2004 03:20 AM
People, please stop the annoying and wannabe-pretentious use of the non-word virii. The plural form of the word virus is viruses. Don't believe me? Go read this (http://www.perl.com/language/misc/virus.html). I think you'll come away convinced.


Re:conspiracy theory...

Posted by: Daniel Watkins on January 28, 2004 03:11 AM
Let's face it, it's just some geeky h4x0r smacktard who thinks it is funny to capitalise on the heightened wossnames between the community and SCO.


Losers

Posted by: RJDohnert on January 27, 2004 02:09 PM
This is unethical, immoral and illegal. Whoever is doing this is not a champion for Linux just a common thug.

I for one, as a member of the Open Source community, disagree with this approach and I pride myself on being an ethical person. This reflects badly on all of us, not just the developers of this nefarious virus.


Re:Losers

Posted by: Anonymous Coward on January 27, 2004 02:41 PM
You are assuming that someone did this for the Linux community. While it is certainly possible, do not jump to conclusions unless you know it for certain. What reflects badly is not a virus which DDoS's SCO, but members of the Open Source community pointing fingers without evidence.
Of course, I assume that you don't know any more about it than the rest of us.


Most Hated Evil Empire

Posted by: Charles Tryon on January 27, 2004 10:56 PM
Didn't I just see an article linked on one of these sites that SCO was now, "The Most Hated Company in the Tech Industry"? They've even passed Microsoft. Sounds like someone jumping onto the bandwagon. You certainly don't have to be a Linux Kernel Developer to hate the likes of MS and SCO.


Linux, The Operating System, has become a lot larger than Linux, The Movement.


Who says it came from the open source community?

Posted by: Joe Barr on January 27, 2004 08:27 PM

There is absolutely no evidence to suggest anyone from the open source community is responsible for this virus.


Why are you so quick to judgement?


Re:Who says it came from the open source community

Posted by: Anonymous Coward on January 28, 2004 01:40 AM
"Virus experts" say it comes from the open source community, according to CNN (http://www.cnn.com/2004/TECH/internet/01/27/mydoom.spread/index.html).


Ethical Monopoly Re:Losers

Posted by: Anonymous Coward on January 29, 2004 01:49 AM
It always saddens me to see people outright rejecting people's actions without taking the time to understand why another person is acting this way. It's also unfortunate when someone believes they have the moral high ground to reject a person's action like this. There are reasons worms are created, and there is a logic behind them, whether it is an act of class warfare against rich proprietary software developers or a scheme for virus companies to extract more money out of their customers. Members of the open source community have a responsibility to protect their existence, a responsibility to act. If everyone who believed SCO was in the wrong and a threat to open source took action, SCO wouldn't have a leg to stand on.


Windows is antique, won't ever be Internet ready

Posted by: Anonymous Coward on January 27, 2004 04:53 PM
Why anyone would still be using MS-Windows at their business is beyond me. This is not the 1980s anymore; other operating systems and GUIs are more than twenty years ahead of MS' meager offerings. When you throw in all the security problems, there's no wonder that times are hard economically.


Even after almost twenty years of Internet, Windows still operates on a single-user / physical security paradigm. By perpetuating the myth that it's OK to connect a MS-Windows machine to a network, billions of dollars of damage are caused not to mention identity theft and fraud as well. Bill Gates is the Osama bin Laden of the Internet.


Re:Windows is antique, won't ever be Internet read

Posted by: Anonymous Coward on January 27, 2004 07:02 PM
You seen the SCO.com website lately? They now have Vintela, a microsoft active directory based authentication for UNIX. Need I say anymore?


Re:Windows is antique, won't ever be Internet read

Posted by: Anonymous Coward on January 27, 2004 10:29 PM
Bah, we've had that for a while now, a la Samba.


and that's *good* news for everybody!

Posted by: rtsy on January 28, 2004 01:53 AM
"Why anyone would still be using MS-Windows at their business is beyond me"



A combination of a number of factors:


1) billions of dollars of M$ marketing efforts


2) an erroneous perception of Mac as the sole alternative (which, of course, it ain't at all)


3) the fact that GNU/Linux and other *nixes are the product of a COMMUNITY rather than of CORPORATIONS and hence have little or no marketing budgets.


4) the fact that GNU/Linux has become user-friendly only rather recently (sorry guys, but that's a fact)


5) the force of habit (and denial!)



"By perpetuating the myth that it's OK to connect a MS-Windows machine to a network, billions of dollars of damage are caused"



yep - you are right about that. But sadly, this is the *only* thing which will wake up M$ zombies. And the current virus is not all that nasty. It's like California: the "big one" will inevitably come, and only *then* will they take a long hard look at these issues...


Re:Windows is antique, won't ever be Internet read

Posted by: Anonymous Coward on January 28, 2004 04:13 AM
Wow. And I thought Microsoft had the monopoly on FUD. That might have been the biggest bullshit post I've seen outside of slashdot.


Re:Windows is antique, won't ever be Internet read

Posted by: coder666 on January 28, 2004 06:11 AM
Man, dude, you have no idea how business works.

I have had help desk calls b4 from people who did not know what the LOGIN screen was.

Don't assume we are all computer savvy


pain is good!

Posted by: rtsy on January 27, 2004 09:34 PM
As with ANY virus/worm - that is (sadly) probably the ONLY thing which can open the tightly shut eyes of Windoze users. Really, I can give you an example.


A friend of mine ended up being called up by a private bank whose directors were going crazy with virus problems. He told them that he would install some "cutting edge technology" for them which would solve the problem. He installed Suse :-) and only after quite a while did he tell them what the nature of his "cutting edge" solution was.


The function of pain in a body is to alert to a problem. That is exactly what viruses/worms, reboots, idiotic licensing schemes, sky-rocketing IT budgets, forced upgrades, unsupported products, unavailable source code for maintenance, bloated hardware requirements, and the like do for M$ users (private and corporate): they remind them in all sorts of creative ways that there is a problem which they need to look at. Pain, in short, is good.


Redmond spends billions of dollars on promoting its garbage. Our community spends nothing. But what we can do is have a good laugh, and then *TELL THEM* why they are in pain and that, like the commercial says, they can "stop the pain, stop the pain, stop the pain" ;-)



Here is something I submit to all Windoze users:



"Insanity is repeating the same thing over and over expecting different results" (AA slogan)


Re:pain is good!

Posted by: Anonymous Coward on January 27, 2004 10:49 PM
I'm a linux advocate, but I gotta admit, there is far more pain with Linux than there is with windows.

Windows is fine as long as you remove Outlook from the equation. 2000/XP are 99% as stable as Linux (my uptimes are no longer substantially different). I still use Windows at home; I won't even consider Linux on my desktop. I tried to do that, it's just not ready yet.

Kernel 2.6 is a vast improvement. Once D-BUS and the other plug-n-play projects get done, we'll almost be ready. The biggest barrier to success on the desktop is the reluctance of hardware manufacturers to provide quality open drivers. The modules they currently provide are extremely perilous. This is something that will always be the case.

Working against Linux is that we are getting more and more gadgets to connect to, and all those need drivers. Joe-six-pack now connects to MP3 and digicams, his daughter to a webcam, and his son to joysticks.

The home user needs to plug in and not worry. Ideally, this is solved by putting a small flash file system and the driver on there, for the OS. (So the default memory card comes shipped in the camera, with a driver on it. The flash FS access is a standard thing. When the PC sees the two devices on the USB bus it first accesses the flash to copy and load the driver, then it can talk to the other USB device.)

Like Linux says, we're about 10 years out. I expect kernel 2.8 to be the real beginning of Linux on the desktop.


Re:pain is good!

Posted by: Joe Klemmer on January 28, 2004 12:00 AM
FWLIW, I have been using only Linux, both at home and at work, on my desktop systems for almost 8 years (I first started with Linux in November 1991). Haven't had a problem with any HW combination (the whole nvidia crap is annoying, but not a problem). It works with my camera, all my USB devices and every bit of software I could ever want to run.


This "Is Linux ready for the Desktop" issue is kind of silly. Of course it's ready. It's more than ready. The problem is with the question. When people ask, "Is Linux ready for the Desktop?" they really mean, "Can Linux be an exact duplicate, in every way, of MS WinXX?" This is a ridiculous question but it's the one that's driving the whole Linux on the Desktop movement. Personally, I have mixed feelings about this. I would like to see more Linux use but I'm not thrilled to see Linux look'n'feel and act just like MS WinXX.


Re:pain is good!

Posted by: Anonymous Coward on January 28, 2004 12:02 AM
? and Linux is geek opium ? relieving the pain, but replacing realistic planning and accomplishments with drug dreams ?


Re:pain is good!

Posted by: rtsy on January 28, 2004 01:36 AM
oh well, in your case Windoze might not be the real problem after all :-)


SCO's doing it themselves.

Posted by: scmackay on January 28, 2004 01:52 AM
Anybody else see a trend here? Right after the first time the judge told SCO to comply with IBM's request for discovery, SCO (claimed) to have a DoS attack that they could use as a reason for not complying with the judge's order. They did not comply with the order and somehow got a 2 week extension giving them until Feb 6th. This happened Friday, Jan 23rd. But now look at this: all of a sudden here comes this worm to attack SCO on Feb 1st, just six days before their time is up! I bet they will use this timely event as an excuse for not complying and getting more time to shoot their mouths off.

TO THE JUDGE!!! Find them in contempt NOW!!! Do your F***ING JOB!

That is all.


Re:SCO's doing it themselves.

Posted by: Anonymous Coward on February 04, 2004 03:20 AM
interesting theory. cite your source.


This story has been archived. Comments can no longer be posted.



 