tell me this is not the oddest internet worm you've ever seen.

It breaks into your computer using windows vulnerabilities,
uninstalls a couple of other worms if present, then
downloads patches from microsoft, to fix some vulnerabilites.
Then connects to other computers from your computer breaks in, and then patches them.

weird or what?

http://www.sophos.com/virusinfo/analyses/w32nachib.html

It's nothing new and it's definitely not a commendable action.

See: http://www.codingforums.com/showthread.php?t=34169 -- The virus in that discussion has since been used to carry noxious payloads too.

I wasn't implying it was commendable...after all it does break into your system, it's just that I expected a worm to do something malicious in it's own right, didn't think about the implications for network traffic...etc.

Well, it might hurt network traffic and is still intrusion, but look at it from the bright side. The original worms are a brilliant piece of human engineering, but the counterworms are a straw sharper.
- The targets they are sent to are the ones that exists on the address lists of those that have already proved they open files that are not trustworthy without a second thought about it, the same the original worms targetted. Thus they specifically target those who recieved the original worms, as well as tries to remove them from the computer of one likely to have them.
- The same have also proven to be those that have no antivirus protecting them, either locally, at LAN level, at the WAN level, or at the mail server level.
- They do remove backdoors left by the original worms, thus eliminating a potentially even worse problem of those computers being used in controlled DDoS attacks weeks or months later.

So, actually, they are among the most effective ways of cleaning up those that have no inclination to do the cleanup themselves. Those that are bound to not have an antivirus and are ignorant of this problem, as well as the threat it might provide to their privacy and locally stored data.

Pretty much all the latest worms do this, it's almost as if it's the 'in thing' in virii/worm engineering.

Lol, this thread is cool, but what language do i have to learn to write such a worm?

And is it as easy as learning JS?

Well, first of all, read up on the posting rules, 1.4.

Second, even if we know where to find information on topics like that, we wouldn't post it on the forums.

Third, you should know better then asking that question, having been here for a while.

I don't think it's odd!


One worm creator says "I'm better than all of you"


Another says "Let me show him"


The virus unistalls Bagel, and.. Netsky?