Virus writers exchange coded insults
Published: 03 Mar 2004 13:30 GMT
Security researchers have discovered that the authors of MyDoom and Bagle are exchanging insults with the author of Netsky using text that is hidden inside the virus's code.
Since Friday, more than 10 variants of the Netsky, Bagle and MyDoom worms have been discovered. Mutants spreading in the past 24 hours have contained messages that indicate the authors of MyDoom and Bagle have teamed up against Netsky's author, antivirus experts said.
Finnish security company F-Secure on Tuesday reported that Bagle.J contained a line of text that said: "Hey, NetSky, f*ck off you b*tch, don't ruine our bussiness, wanna start a war?"
Mydoom.G, which was released on the same day, also contained a message to Netsky's author: "to netsky's creator(s): imho, skynet is a decentralized peer-to-peer neural network. we have seen P2P in Slapper in Sinit only. they may be called skynets, but not your shitty app."
In response, the latest Netsky variant (F), which was discovered on Wednesday morning, contained the message: "Skynet AntiVirus - Bagle - you are a looser!!!!".
Graham Cluley, senior technology consultant for antivirus company Sophos, told ZDNet UK he believes the insults are flying because the authors of Bagle and MyDoom are not happy that Netsky has received so much publicity. "The author of Bagle is rather upset that the Netsky guy is taking all the headlines and getting most of the attention," he said. "Like any community, the virus writers often are at war with each other -- rather like politicians -- but their war of words is taking place on users' desktops and users' email systems."
To get their messages across, the worm writers are constantly changing their code to ensure they keep one step ahead of the antivirus companies.
"They are just tweaking them just enough -- and getting a big kick out of seeing the antivirus companies reacting and posting information on their sites," said Cluley. "We are the ones that are all suffering. I would much rather they ranted at each other on message boards instead of in raw code."
This isn't the first time worm authors have included a message in their malware. For example, the MSBlast worm, which caused so much damage last summer, contained a message directed at Microsoft chairman Bill Gates: "I just want to say LOVE YOU SAN!! billy gates why do you make this possible ? Stop making money and fix your software!!"
Did you find this article useful?
105 out of 239 people found this useful
- Share this article:
Full Talkback thread
6 comments
-
omg!!! this is comidy,hard core pc geeks having vi... Yo momma -
Yet more ways the Anti-virus companies can make mo... Bill Gates
-
i am getting weird out of context messages.as:
Sta... Anonymous
-
This is from one of the Wizard of Oz books.... Anonymous -
sounds like the writer of one of them is only 12! Jimmy Floyd
-
I find the whole virus issue very suspicious. With... Anonymous
