Net Manager Network Managing, Engineering and Administration with an eye toward security. Best practices meets the real world! |
Thursday, May 15, 2003 Joe Stewart reports an interesting development with the fizzer virus: Fizzer downloads an update from a Geocities page. Yesterday, that page was nonexistent, but this morning it has an executable available for download. The executable does only one thing: it creates the file %windir%\uninstall.pky, which causes fizzer to remove its registry keys and quit. So, either the author triggered the kill switch, or someone at Geocities did us all a favor. I kinda doubt that the author did this. Probably someone else found a way to shut it down. Also relates to what I was talking about with regard to system admins arming themselves with better tools. In this case, it looks like someone armed themselves with better knowledge. posted by David | 5/15/2003 09:51:00 AM |
|
||||
| |||||
0 Comments:
Post a Comment
<< Home