[Dshield] cracking SoBig/SINIT/MyDoom, et alius

Pete Cap peteoutside at yahoo.com
Tue Feb 10 14:10:45 GMT 2004


Greetings all,
 
Was just going through my folders.  I've been collecting info on various (possibly OC-related) malware that has come across my radar screen in the past year or so.  Here's what I'm thinking:
 
FACT: the SoBig network is apparently still in existence since people are seeing SoBig traffic again/still...
FACT: the SINIT network is still in operation (that's the P2P one)...
FACT: MyDoom has opened the door for ANOTHER network of compromised hosts
 
At this point we have at least three highly successful implementations of the same idea: compromise a vast number of hosts and use them for...whatever.  Yes, I know this isn't an original idea--and I know we see scads of Botnets every day--but these three have been wildly successful whereas other attempts have not.
 
So what I'm wondering at this point is...are there any commonalities among these things?  I'm not about to suggest that they were written by the same person...but you have to wonder.
 
Thoughts?
 
Regards,
Pete

