Talk:Blaster (computer worm)

From Wikipedia, the free encyclopedia
Jump to: navigation, search
WikiProject Computer Security / Computing  (Rated Start-class, Low-importance)
WikiProject icon This article is within the scope of WikiProject Computer Security, a collaborative effort to improve the coverage of computer security on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.
Start-Class article Start  This article has been rated as Start-Class on the project's quality scale.
 Low  This article has been rated as Low-importance on the project's importance scale.
Taskforce icon
This article is supported by WikiProject Computing.
 


Who is behind it[edit]

One group may have been involved in blaster worm: Apple Computers inc. The whole plan is like this: In order to boost Apple computer sales, Apple decied to hire someone to make a Virus to wipe out Microsoft. The Kid, Jeff Parson, was the one. The Virus would then target Microsoft, eventually shutting the business down. So if the had paln suceeded, Bill Gates would lose a lot of money, Apple would dominate the computer world once again, and we would all be using Macs right now.--The Republican 23:52, 21 September 2005 (UTC)

That seems rather, um... unlikely. --Xanzzibar 18:07, 5 Jun 2005 (UTC)

unlikely, yes. impossible, no.--The Republican 23:53, 21 September 2005 (UTC)

I myself have doubts, the kid could have said that mac paid him off in an attempt to get a lesser sentence. This shows no record of that.--acebrock(no account)


Put down the bong man...

--Boochan 14:04, 16 July 2005 (UTC)

From http://www.vnunet.com/vnunet/news/2123165/fbi-arrests-stupid-blaster-b-suspect

According to court papers, the original Blaster was created after a Chinese hacking collective called Xfocus reverse engineered the original Microsoft patch.


Anon's addition[edit]

that jeffrey didn't even know about programming

all he did was:

1) unpack msblast.exe (it was compressed with UPX) 2) bind it with a backdoor 3) run it in order to infectt more computers

do Microsoft pay all you to post this kind of "news"??

Redirect[edit]

Jeffrey Lee Parson redirects here, and his name is on a 'convicted hackers' list, so when you click on his name to learn about him, it sends you to a worm that doesn't talk much of his arrest. Point of this: how would I go about to remove the redirect, but still be able to tell the user that he was responsible for the worm without writing anything? (Seeming I don't know anything about him) Lovok 17:19, 16 August 2006 (UTC)

He was not responsible for the worm. He found the existing blaster worm and made some slight changes to it and made the "b" variant and got caught. The authors of the original worm did not get caught.

actually just so you all know it was proven that jeffrey lee parson did know about programming and that there was a reason he did what he did, but none of that was public

Apparent[edit]

"is an apparent message to Bill Gates, the co-founder of Microsoft"

Out of general curiosity, is it necessary to say it's an "apparent" message? It's got his first and last name right on the message. Harksaw

No, no we don't. I've changed it. - JNighthawk 00:51, 6 November 2006 (UTC)

something to watch for[edit]

A Wikipedia page has been used by hackers in an attempt to spread malicious code.

The entry for the W32.Blaster worm in the German version of the popular online encyclopedia was altered to include false information about a new version of the Lovesan/MS Blaster worm, with links to a supposed fix. The fix was actually a piece of malicious code, according to antivirus vendor Sophos.

--CNET News

Doldrums 16:09, 6 November 2006 (UTC)

The same news was just repeated on NPR. 4.152.93.33 04:04, 7 November 2006 (UTC)

Two notes[edit]

To mitigate the attack Microsoft changed the A record for windowsupdate.com to 127.0.0.1. As a side effect, some Windows systems responded with ICMP unreachables to random destinations.

Cjcoleman 20070114


Mitigation section[edit]

I've removed this section, as Wikipedia is not a how-to guide. Also removed Trivia section, as it is empty. Flyguy649talkcontribs 15:30, 9 April 2007 (UTC)

Fair use rationale for Image:Windows restarting because of RPC termination.png[edit]

Nuvola apps important.svg

Image:Windows restarting because of RPC termination.png is being used on this article. I notice the image page specifies that the image is being used under fair use but there is no explanation or rationale as to why its use in this Wikipedia article constitutes fair use. In addition to the boilerplate fair use template, you must also write out on the image description page a specific explanation or rationale for why using this image in each article is consistent with fair use.

Please go to the image description page and edit it to include a fair use rationale. Using one of the templates at Wikipedia:Fair use rationale guideline is an easy way to insure that your image is in compliance with Wikipedia policy, but remember that you must complete the template. Do not simply insert a blank template on an image page.

If there is other fair use media, consider checking that you have specified the fair use rationale on the other images used on this page. Note that any fair use images uploaded after 4 May, 2006, and lacking such an explanation will be deleted one week after they have been uploaded, as described on criteria for speedy deletion. If you have any questions please ask them at the Media copyright questions page. Thank you.

BetacommandBot 23:21, 13 September 2007 (UTC)

shutdown because of unstability?[edit]

I dont't think, that unstability is the reason for the shutdown. I think the reason for the shutdown is, that the virus executes "shutdown -s -t 60 -c "Windows must now restart because the Remote Procedure Call (RPC) Service terminated unexpectedly."". The shutdown can also be aborted w/ shutdown -a and the system normally runs stable after this, until the next shutdown-window appears. --Qaywsxedc (talk) 22:22, 20 January 2008 (UTC)

Agreed, I came to lookup the virus which infected me back in 03. My computer wouldn't slow down before during or after that stupid window came up. My high school diploma thinks that the virus initiates the shutdown sequence. I know nothing about computers, but I came to the talk page to give my response to something I read in the article which possibly could be inaccurate. Sentriclecub (talk) 05:47, 25 June 2008 (UTC)

Yes, this was due to the worm causing the RPC service to work so hard it crashed. When it did, the system is set to reboot. If it was set to tell your computer to restart, then it wouldn't have time to spread so much. Btw, I used to work for Convergys and did SBC DSL support. I will add to the article that I, on the Saturday before the major outbreak on Monday, got a call with a user complaining about the shutdown message, and how the problem became much worse since the SBC Broadjump software is set to turn off the firewall in the XP DSL connection. Sprockkets (talk) 07:30, 22 November 2008 (UTC)

let's tell people also WHY the thing is called "blaster"![edit]

there is a file called MSBLAST.EXE on the hard disk of the infected machine. this information i cannot read anywhere. -andy 78.51.68.229 (talk) 00:43, 19 March 2008 (UTC)

Game sites[edit]

This thing is on Miniclip and some other online game sites. I had to replace a computer because of this thing. Powerzilla (talk) 22:41, 11 October 2008 (UTC)

Image copyright problem with Image:Windows XP Emergency Shutdown.png[edit]

The image Image:Windows XP Emergency Shutdown.png is used in this article under a claim of fair use, but it does not have an adequate explanation for why it meets the requirements for such images when used here. In particular, for each page the image is used on, it must have an explanation linking to that page which explains why it needs to be used on that page. Please check

  • That there is a non-free use rationale on the image's description page for the use in this article.
  • That this article is linked to from the image description page.

This is an automated notice by FairuseBot. For assistance on the image use policy, see Wikipedia:Media copyright questions. --05:49, 5 November 2008 (UTC)

Windows 7[edit]

I have discovered that the blaster worm also affects Windows 7. I made the mistake of downloading a Lego Star Wars: The Video Game computer demo, then it spread. It completely ruined my mother's laptop. We fixed it, but now it's missing the driver. It now appears to affect Windows 7. — Preceding unsigned comment added by 69.8.12.169 (talk) 18:11, 25 December 2011 (UTC)