RE: Spyware becomes increasingly malicious

[Brian Battle <nanog () confluence com>]

Alexei Roudnev wrote:

> It is not a bug; it is specially designed IE feature. MS always was proud
of
> their full automation - install on demand,
> update automatically, add new software to start at a startup without need
to
> be system admin, etc etc... As a result, we have a field full of bugs,
> pests, pets, spiders, spies and so on... They have _exactly_ what they
> designed. No one even bored to ask me 'do you want to allow this registry
> change' , because 'MS believe that their users are lamers so everything
must
> be automated from the beginning to the end'...

Most of the lastest versions appear to install themselves using the 
ByteCode Verifier vulnerability in the Microsoft Virtual Machine.
Fully patched systems don't get the stuff installed.  
I'm sure the authors are working on newer injection methods....
Though the blame might be placed on Microsoft for having a flaw in 
their code, this wasn't part of any IE feature.

You can read more about this exploitable bug (not feature) at
http://www.microsoft.com/technet/security/bulletin/MS03-011.mspx

> I do not blame MS, but what about spyware on MAC-s - is it so easy
> to write and install spyware there?

I don't really want to get into the argument of why people choose
microsoft products to attack, but if someone was going to choose 
a product to attack, from which they were going to try and make
the most money/impact off of, do you think they would choose the
product with the largest user base?  I think that's the case here.
It would be a poor business decision not to, and these people are
definetly out to make as much money as they can off of these 
exploits.

> This is 100% legal at this point (and even if it is not legal,
> who bored about it outside of USA? No anyone!).

It really shouldn't be legal.  It is someone gaining unauthorized
access to computer systems and altering data on those machines.
Not to mention that people are profiting from these intrusions.

-Brian