On 8/22/05, Todd Towles <[EMAIL PROTECTED]> wrote: > Diabl0 will be happy to know that it just deletes the worm
The worm is just proof that corporate security can be by-passed. It shows how hackers can target individuals within the enterprise and compromise their wireless device over the weekend while the corporate user is doing out of office work. The wireless devices were most likely the primary source of the spread. Media outlets are reporting wireless devices were only an accessory to the spread of the worm. Isn't it the case that this worm was carefully planned out and coordinated. Isn't it the case that the corporations hit were hand picked by the hacker. Isn't it the case that the hackers knew the owners of the wireless devices by name. Isn't it the case that more research and background work was done before releasing this to the affected enterprises than experts are reporting to the public at large. Corporations need to give all employees more advanced training in patching their personal wireless devices, which are being used over the weekend, and require them to be patched before the connect to corporate infrustructure on Monday morning, or during the weekend for those corporate users accessing the work place remotely from home. I think if the affected corporations don't learn from Zobtob then the same will happen again. Its vital enterprises now review policy in respect of this, as its becoming more common place that hackers are hitching a ride on wireless devices and hackers no longer need to worry about compromising corporate security, as unsuspecting employees are only too easy to target and infect, for the end game of allowing an infected device beyond the production servers and straight into the internal network of many of the big dot-com's. Its not completey clear who diabl0 is currently. Theres more than one diabl0 out on the web. A query on Google brings up indivduals posting on discussion forums, as well as a defacement group named diabl0, who funnily have been more than willing to submit their defacements to Zone-H. These guys have been around for a while and know what their doing is the generally impression I get. I don't know if diabl0 was clever enough to research and coordinate and target laptops to propogate the worm, but it would be only too easy to do in the future if someone is willing to put in enough preperation time into planning the assault on known employees of an enterprise. I've been watching too many movies and using illegal substances. Time for me to go now. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
