The Big Hack hasn't happened... yet
Update Aug 5 at 3pm: Reports of Linux hacking..
This weekend saw some interesting activity, however. Microsoft.com was down on Friday 1st August, but has since been repaired. A spokesperson for Microsoft said:
“This attack does not have any association with any known vulnerability in Microsoft software. Microsoft has contacted the appropriate authorities, is cooperating in the investigation of the cause of this attack, and will take appropriate action. We regret any inconvenience this has caused to visitors to the Microsoft.com Web site.”
It’s an important distinction to note; the news has been full of critical Microsoft Windows flaws that could allow a malicious hacker to take control of a user’s computer. But this attack didn’t exploit those flaws; it was a simple ‘nuclear’ attack by lots of hostile machines all attempting to access the site at once, locking out genuine attempts to request pages.
Some Denial of Service attacks not only lock out real users, but also bring the servers to their knees. One such case over the weekend was that of Chicago Webs which was down most of Saturday and Sunday. This is important in the Dreamweaver world, as Chicago Webs host some well-known sites in our community, like Project Seven, Dwfaq.com, Web-shorts.com and many sites owned by clients of some big names in the Dreamweaver community. Project Seven were down from Thursday 31-July to Sunday 3-August at 12:00am.
Why Chicago Webs was targeted may never be known, but conspiracy theorists are suggesting that the Denial of Service attack on Microsoft was designed to bring the site down so that people couldn’t download or apply the patch to the last two critical flaws that Microsoft admit “could allow an attacker to compromise a computer running Microsoft Windows® and gain control over it.”
Monday: new worm.
This morning (4th August), Vnunet.com reports that a new worm is spreading at an alarming rate. It’s nothing to do with the Windows or DirectX flaws of the last 2 weeks, but exploits people’s trust – so-called “Social Engineering” by the hackers. An email arrives in your inbox:
Subject: your account [account info]
Body: Hello there, I would like to inform you about important information regarding your email address. This email address will be expiring. Please read attachment for details.
Best regards, Administrator
Attachment: message.zip
Opening the attachment shows only an HTML file, but there’s a hidden executable that infects your machine and then mails itself to people in your local address book, potentially clogging mail servers or slowing down networks – as well as making you look like an idiot to your clients, boss and colleagues!
More ominously than making you look foolish, the worm downloads a file called LOLX.EXE, aimed at opening a backdoor in the computer. The backdoor leaves your computer open to attack or manipulation by any malicious user.
Again, there's a patch - on the Microsoft site.
Monday: new attack bot.
Also, it’s become apparent that hackers have taken advantage of the code (so kindly posted by a group of Chinese hackers last week) that exploits the newly discovered Windows flaws. ZDNet reports today that the attack bot is not a worm, as it doesn’t try to replicate itself.
Yet.
What can they do if they hack a machine?
More or less anything. And you might never know that it’s happening if they don’t start deleting important files from your hard drive. Supposing that the hackers have an agenda that is more sinister than “merely” vandalising your machine, they can use your computer to participate in another Denial of Service attack by instructing it to attempt to access a website at a certain time. Or, worst of all, they can use your machine to send out spam or even host pornographic websites – all without your knowledge.
Fancy hosting child pornography?
A bloodcurdling report released last Friday revealed that a man accused of storing child pornography on his computer was cleared because his computer had been infected by a Trojan horse, which transferred the images onto his PC. The worst thing about this is that the man spent a night in a police cell, nine days in Exeter prison and three months in a bail hostel. During this time, his ex-wife won custody of his seven year old daughter and possession of his house.
The good news – how to protect yourself.
The good news is that protecting yourself is as easy as 1-2-3.
- Download the patch from Microsoft now – and demand that your hosting provider does the same. (And if they haven’t already done so, ask them why the hell not.)
- Get a firewall on your home computer - then you can horrify yourself by seeing an alert every time someone tries to probe your computer, then breathe a sigh of relief as you realise that the firewall has kicked their butt and thrown them out.
- Get another Microsoft patch; then set an inbox rule on your mail client to delete any mail with the subject “your account”, and never open attachments from people you don’t know.
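An added example, not part of the original article: a mail triage check that goes beyond the subject-line rule above by also looking inside zip attachments for executable members. The extension list, function names and sample messages are assumptions constructed for illustration, and the check assumes the executable is visible as an attachment or zip member name.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Extensions treated as executable content (an assumed, non-exhaustive list).
EXEC_EXT = (".exe", ".scr", ".pif", ".com", ".bat", ".cmd", ".vbs", ".hta")

def risky_names(filename, payload):
    """Return names of executable content in one attachment, looking inside zips."""
    hits = []
    if filename.lower().endswith(EXEC_EXT):
        hits.append(filename)
    if filename.lower().endswith(".zip"):
        try:
            with zipfile.ZipFile(io.BytesIO(payload)) as zf:
                members = zf.namelist()
            hits += [filename + "!" + n for n in members if n.lower().endswith(EXEC_EXT)]
        except zipfile.BadZipFile:
            # An archive the filter cannot inspect is itself a reason to hold the mail.
            hits.append(filename + " (unreadable zip)")
    return hits

def triage(raw):
    """Return (verdict, reasons) for one raw message given as bytes."""
    msg = message_from_bytes(raw, policy=policy.default)
    reasons = []
    if (msg["Subject"] or "").strip().lower().startswith("your account"):
        reasons.append("subject matches 'your account'")
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        data = part.get_payload(decode=True) or b""
        reasons += ["executable content: " + h for h in risky_names(name, data)]
    return ("quarantine" if reasons else "deliver"), reasons

def build_sample(subject, zip_members):
    """Construct a sample message carrying message.zip (constructed test data)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name in zip_members:
            zf.writestr(name, b"constructed placeholder bytes")
    msg = EmailMessage()
    msg["Subject"] = subject
    msg.set_content("Please read attachment for details.")
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="zip", filename="message.zip")
    return msg.as_bytes()

if __name__ == "__main__":
    print(triage(build_sample("your account abc123", ["message.html", "run.exe"])))
```

Quarantining rather than deleting keeps the message available for review if the rule catches legitimate mail.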
Then, cross your fingers. As Pat Stangler of Chicago Webs said of the Microsoft attack: “Well, if they can bring Bill down, what makes you think lil ole Chicago Webs is safe?”
Or any of us.
Happy Patching – and Stay Alert!
DMXzone.com
August 4th 2003