On Mon, 9 Jan 2006 [EMAIL PROTECTED] wrote: > WMF was a perfect Zero-Day attack and a scenario like the blackout of > Internet was possible ? but nothing ? or no important attack! No BOT > virus deployed? No DOS worm attack? ? > > All hackers become white-hat? > Or they attacked and we didn?t see anything? > > Any hypothese / explanation ?
didn't see anything? where have you been? we tracked several dozen variants of WMF-linked malware which included bot functionality. as for massive takedown of the internet ... well, no. didn't see that. don't forget this required human intervention, and the proliferation of screening technology made this pretty easy for some sites to block. secondly, the bulk of what you could do with WMF-related malware was trigger another download. most of those were found and blocked in one way or another pretty quickly. anyhow, it was a serious incident, it was managed, and it's been taken care of in large measure ... ________ jose nazario, ph.d. [EMAIL PROTECTED] http://monkey.org/~jose/ http://infosecdaily.net/ http://www.wormblog.com/
