Monday, September 13, 2010

Anti-US Hacker Takes Credit for 'Here you have' Worm

Via ComputerWorld -

A hacker who claims he was behind a fast-spreading e-mail worm that crippled corporate networks last week said that the worm was designed, in part, as a propaganda tool.

The hacker, known as Iraq Resistance, responded to inquiries sent to an e-mail address associated with the "Here you have" worm, which during a brief period early Thursday accounted for about 10 percent of the spam on the Internet. He (or she) revealed no details about his identity, but said, "The creation of this is just a tool to reach my voice to people maybe... or maybe other things."

He said he had not expected the worm to spread as broadly as it had, and noted that he could have done much more damage to victims. "I could smash all those infected but I wouldn't," said the hacker. "I hope all people understand that I am not negative person!" In other parts of the message, he was critical of the U.S. war in Iraq.

On Sunday, Iraq Resistance posted a video echoing these sentiments and complaining, through a computer-generated voice, that his actions were not as bad as those of Terry Jones. Jones is the pastor at a small Florida church who received worldwide attention this week for threatening to burn copies of the Koran.

[...]

Tariq ibn Ziyad was the eighth century commander who conquered much of Spain on behalf of the Umayyad Caliphate. Iraq Resistance's YouTube video has a Spanish theme too. It shows a map of Andalucia, and Iraq Resistance lists his location as "Spain" in his YouTube profile.

 ------------------------------------------------------------------------------------

http://pandalabs.pandasecurity.com/%e2%80%9chere-you-have%e2%80%9d-worm-attack-could-have-been-lauched-from-spain/
The video shows a static picture of Andalucia, a region in the South of Spain. We have already sent all the information to the Spanish Guardia Civil, and we are doing some more research on this, so we’ll be probably publishing more information in the near future.
-----------------------------------------------------------------------------------

http://www.symantec.com/connect/blogs/new-round-email-worm-here-you-have

In this instance, the actual file downloaded would be named ‘PDF_Document21_025542010_pdf.scr’ and is housed on the domain ‘members.multimania.co.uk’. This file is a minor variation of W32.Imsolk.A@mm

No comments:

Post a Comment