Previous Entry Share Next Entry
Fuck me, I'm good
2012
unknownj
Looking on the Internet, as far as I can tell, my analysis of the worm is absolutely correct, I figured what it does, and how to kill it before it starts doing bad things.... Wicked :o)

And now, to prove my genius, or arrogance (depending on the outcome), I will reboot my machine, and see if it's infected when I turn it back on :o)

Update: Just done that. Am certainly Virus Free, which means it worked. Now, here's the fun part. The code involved is so blatantly open to reversal that it's unbelievable. It's possible to change only a few lines in that code, and turn it into an anti-virus that spreads around the Internet undoing the kak-worm virus. You'd have to build in mechanisms to stop it spreading everywhere and to everybody, but in theory, that's possible. You could have it only execute in the month it's sent out. Send it out at the beginning of the month - it'd bother people with its little anti-virus activity for the month, and then stop. Nobody would spread the anti-virus any more, but it'd have worked. Plausible, perhaps even do-able by me.... Perhaps worth looking into...

  • 1
One of the directors laptops at work got infected. No one els emanaged to disinfect it.

I came in, looked at the KAK.HTA file, worked out where it sat, and took it out.

Look out for secret registry entries.

As far as I can tell, the thing didn't even run, it just infected me. For all the waffle about what it does, I just deleted one file and killed it. Doesn't seem worth it, really ;o)

It only seems to work if you reboot twice. Its a bit of a kiddie script, but interesting none the less.

Interesting, bits are clever, but other bits just suck...

  • 1
?

Log in

No account? Create an account