Monday, April 10th 2006

Microsoft: Nuke It From Orbit

When it comes to the latest breed of offensive rootkits and uber spyware, this quote from Mike Danseglio, Microsoft's program manager in the Security Solutions Group, pretty much sums it up: "When you are dealing with rootkits and some advanced spyware programs, the only solution is to rebuild from scratch. In some cases, there really is no way to recover without nuking the systems from orbit." He goes on to recommend widespread and automated re-imaging for the rebuild as a more cost-effective solution than trying to clean and repair.
Source: eWeek Security

4 Comments on Microsoft: Nuke It From Orbit

#1
Steevo
If everyone would contribute a dollar that was infected by a virus or trojan, or whatever.

We could hire some hitmen, and motherfuckers would die. Then on to the bitches who cheat at online games.
#2
Polaris573
Senior Moderator
You have $2 from me.
#3
FLY3R
Yeah you have my $1.00
#4
Ice Czar
Steevo: We could hire some hitmen
we could restart the cold war
in this corner we have our hired thugs (ex SAS, Delta) and in that corner they'd have their ex Spetsnaz, URNA, etc. :p
Danseglio said malicious hackers are conducting targeted attacks that are "stealthy and effective" and warned that the for-profit motive is much more serious than even the destructive network worms of the past. "In 2006, the attackers want to pay the rent. They don't want to write a worm that destroys your hardware. They want to assimilate your computers and use them to make money.

"At Microsoft, we are fielding 2,000 attacks per hour".
it's not kiddie hour any more when you're talking the effective stuff
it's organized crime, and generally from the former Soviet Bloc where there is a lot of unemployed talent
(though China, Pakistan, India etc. have a share as well)
the WMF "zero day" exploit was actually being shopped around from Moscow for at least a month
before any security firms got wind of it, use something like that to insert a kernel mode rootkit and mask the traffic with port knocking and you can have a wicked lurker in a sensitive "secured" database

what is surprising about this story is the fact Microsoft is on record as saying it is easier and better to Nuke an infection and that re-imaging back to a known good install is also by implication a preventative security option in the event you're subverted and didn't know.

Specifically they are talking about enterprise but it's just as applicable to enthusiasts, not that they are going to make a lot of money off your p0rn collection and MP3s. :p
But they are happy to borg & bot you so you can help them do the same to others and extort money out of some poor slob as a protection racket or they close them down with a distributed denial of service (DDoS).
Danseglio said the success of social engineering attacks is a sign that the weakest link in malware defense is "human stupidity."

In February alone, the company's free Malicious Software Removal Tool detected a social engineering worm called Win32/Alcan on more than 250,000 unique machines.