Net Manager

Net Manager
Network Managing, Engineering and Administration with an eye toward security.

Best practices meets the real world!

Thursday, May 15, 2003

Joe Stewart reports an interesting development with the fizzer virus:

Fizzer downloads an update from a Geocities page. Yesterday, that page was nonexistent, but this morning it has an executable available for download. The executable does only one thing: it creates the file %windir%\uninstall.pky, which causes fizzer to remove its registry keys and quit. So, either the author triggered the kill switch, or someone at Geocities did us all a favor.

I kinda doubt that the author did this. Probably someone else found a way to shut it down. Also relates to what I was talking about with regard to system admins arming themselves with better tools. In this case, it looks like someone armed themselves with better knowledge.

posted by David | 5/15/2003 09:51:00 AM

0 Comments:

Post a Comment

<< Home

links

Net Manager Blog
Cockatiel Lair

cNet News
eWeek
cNet
InterNet Week
Network World
Information Week
Security Focus
SANS InfoSec Reading Room
CERT
SlashDot
GrokLaw
NewsForge
LWN.net
Linux Journal
Linux Today
Linux Gazette
The Register

Internet Storm Center
DShield
Internet Health Report
Global Instability
SamSpade DNSBLomatic
Virus Encyclopedia
Symantec Anti-Virus
TMS - Symantec
McAfee
Sophos Top Ten

Security Tracker
Hacker Toolkit
Security-Forums
PacketStorm
Phrack
Astalavista
Interhack
RootKits
Knoppix
Knoopix STD

News Links

CNN Online
MSNBC News
CBS News
ABC News
FOX News
USA Today
The Miami Herald
The Washington Post
The New York Times
BBC News
The Guardian
Canada's CBC
Austraila's ABC

Blog Links

IT Blogs
Just Another Geeks Blog
The Lost Olive
CyberCrime Archives
DataCom Guy
One Man I.T.
Geek Style
Pete's Perfect World
TechDirt