Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Re: Stark US Warning Over Risk Of Cyber Attacks

4 views
Skip to first unread message

Virus Guy

unread,
Oct 12, 2012, 9:48:21 AM10/12/12
to
David_B wrote:

> The attacks, which have been described as a "pre-9/11 moment", used
> a virus called Shamoon which can spread through computer networks
> and overwrite files.

Probably doesn't function correctly under win-98.

The method it uses to over-write the mbr probably doesn't work on a
FAT32 file system.

http://www.securelist.com/en/blog/208193834/Shamoon_The_Wiper_further_details_Part_II

=================
The main Shamoon module has a resource PKCS7:113 that maintains an
executable which is saved to disk as %WINDIR%\System32\NETINIT.EXE and
this program poses a module to communicate with CNC.
=================

I can find absolutely no mention anywhere on the net as to how the file
"netinit.exe" is placed and then executed on a comprimised system...

............

Why does David_B cross-post to alt.politics.scorched-earth?

Why does he not include either alt.comp.virus or alt.comp.anti-virus in
what is obviously a viral-focused subject? Why does he instead post
these to alt.comp.privacy?

David_B

unread,
Oct 12, 2012, 4:36:52 PM10/12/12
to
Virus Guy wrote:
> David_B wrote:
>
>> The attacks, which have been described as a "pre-9/11 moment", used
>> a virus called Shamoon which can spread through computer networks
>> and overwrite files.
>
[....]

> Why does David_B cross-post to alt.politics.scorched-earth?

It's a group which I took over some years ago, VG. Nothing sinister! :-)

> Why does he not include either alt.comp.virus or alt.comp.anti-virus in
> what is obviously a viral-focused subject? Why does he instead post
> these to alt.comp.privacy?

I wasn't aware that I'd personally posted to 'alt.comp.privacy'! ;-)

*

There's more on this subject, here:-

http://www.computerworld.com/s/article/9232317/Future_cyber_attacks_could_rival_9_11_cripple_US_warns_Panetta?source=CTWNLE_nlt_security_2012-10-12

Dustin

unread,
Oct 12, 2012, 5:55:37 PM10/12/12
to
Virus Guy <Vi...@Guy.com> wrote in news:50781FA5...@Guy.com:

> David_B wrote:
>
>> The attacks, which have been described as a "pre-9/11 moment", used
>> a virus called Shamoon which can spread through computer networks
>> and overwrite files.
>
> Probably doesn't function correctly under win-98.
>
> The method it uses to over-write the mbr probably doesn't work on a
> FAT32 file system.

OS file system doesn't matter. Trashing an mbr is the same methodology.

> I can find absolutely no mention anywhere on the net as to how the
> file "netinit.exe" is placed and then executed on a comprimised
> system...

I doubt any researcher would provide very specific details at this
time...Wouldn't be prudent.

> Why does David_B cross-post to alt.politics.scorched-earth?

So I'll see it.

> Why does he not include either alt.comp.virus or alt.comp.anti-virus
> in what is obviously a viral-focused subject? Why does he instead
> post these to alt.comp.privacy?

Because he, like yourself, is an idiot.




--
There ain't no rest for the wicked. Money don't grow on trees. I got
bills to pay. I got mouths to feed. Ain't nothing in this world for
free. Oh No. I can't slow down, I can't hold back though you know I wish
I could. Oh no there ain't no rest for the wicked, until we close our
eyes for good.



Bear

unread,
Oct 16, 2012, 6:47:31 PM10/16/12
to
Dustin <bughunte...@gmail.com> wrote in
news:XnsA0EAB79075319HHI2948AJD832@no:
>
> Because he, like yourself, is an idiot.

Only SuperDustin is clever! <SIGH>

Jax
--
Bear Bottoms
http://bearware.info

Dustin

unread,
Oct 16, 2012, 7:03:51 PM10/16/12
to
Bear <removebea...@gmail.com> wrote in
news:XnsA0EEF206CB412be...@130.225.254.104:

> Dustin <bughunte...@gmail.com> wrote in
> news:XnsA0EAB79075319HHI2948AJD832@no:
>>
>> Because he, like yourself, is an idiot.
>
> Only SuperDustin is clever! <SIGH>

Jax,

Compared to you; a monkey could be considered clever. What value do you
contribute here exactly?
0 new messages