I need a virus - a really bad one... ideas?
- Thread starter WinstonTJ
- Start date
-Go to a bittorrent site (btjunkie) and find the most recent torrents which are marked as having a virus. Download about 50 of them (you can go for a smaller size).
-You can also find on various http download sites (filestube) various small apps that are linked to download. Most of them have viruses. Look for the newest ones from suspicious sources (strange url of original link posting).
-Remove all your firewalls. Install a IRC client. Go to various hacking/computing/phishing irc channels and tell people to infect you.
-You can also find on various http download sites (filestube) various small apps that are linked to download. Most of them have viruses. Look for the newest ones from suspicious sources (strange url of original link posting).
-Remove all your firewalls. Install a IRC client. Go to various hacking/computing/phishing irc channels and tell people to infect you.
Well I found a nasty one that tries to spread to networked computers and gives BSOD.
The 4-chan guys didn't believe me... they thought I was trying to get them to hack someone elses computer. A few of them tried to get back to my IP address but they never got in, etc.
I haven't been able to see, share or hack across the firewall or hypervisor to see other machines so this is good progress.
Thank you very much for the PM'd links to virus sites, etc.
The 4-chan guys didn't believe me... they thought I was trying to get them to hack someone elses computer. A few of them tried to get back to my IP address but they never got in, etc.
I haven't been able to see, share or hack across the firewall or hypervisor to see other machines so this is good progress.
Thank you very much for the PM'd links to virus sites, etc.
incase this ever comes up in a search, etc.
feel free to PM me - I have the executable files in a .zip format and I'm happy to host if anyone ever needs to destroy a computer
The good ones I eventually found will seek out network storage drives and make them bootable so that when another computer connects to it it auto-runs the executable on that allowing the virus to sweep through your whole network.
Its been a very cool experience. The ability to rebuild a whole 6-computer virtual system in 45min from a dead machine to formatting HDD and completely rebuilt makes testing like this easy.
Good to have and very good to use with different firewall rules and types of operating systems, etc. (linux vs. windows).
feel free to PM me - I have the executable files in a .zip format and I'm happy to host if anyone ever needs to destroy a computer
The good ones I eventually found will seek out network storage drives and make them bootable so that when another computer connects to it it auto-runs the executable on that allowing the virus to sweep through your whole network.
Its been a very cool experience. The ability to rebuild a whole 6-computer virtual system in 45min from a dead machine to formatting HDD and completely rebuilt makes testing like this easy.
Good to have and very good to use with different firewall rules and types of operating systems, etc. (linux vs. windows).
Quote from WinstonTJ:
The project started a while back when I was trading - I was working with several different programmers but using a shared tick data database - we created a bunch of sandbox type situations where various programmers could remote in and access the database and code/program but we throttled the upload speeds like crazy so they couldn't steal my tick data
Recently I've had a small hedge fund ($150M & 6 guys) approach me about virtualizing their desktops - converting over from older HP & Dell hardware to modern thin-client devices and virtualized desktops (like what Goldman did in their new building).
I think I have it complete (i mean structurally its all set) and now I just need to test that my jails and firewalls and partitions are solid and I didn't forget something or leave something out - I have a Jan1 delivery date so i'm ahead of schedule and things are going well with this.
I have rack space in NYC so eventually I'd like to take it up a notch and offer a service to traders similar to an amazon instance where you can purchase (daily, monthly or yearly) remote desktop instances that offer ultra-low-latency connectivity to a data feed or execution engine. This is really the reason I need to know its pretty hack-proof and that images are isolated - to protect the individual's data from the others, etc. so I can offer security and 99.999% uptime.
The real issue will be trust I think more than security - traders are pretty paranoid and putting your system on someone's hardware that you don't know is going to be a very hard sell - but I know enough guys both on here (ET) and elsewhere that I can get 10-20 subscriptions in short order once I know its safe and secure. I'd like to be able to offer ultra-low-latency data on-site (me providing an equities feed to the traders) and then facilitate connectivity (via cross-connects or just regular internet) to whatever execution servers they need.
So that's the story - I pretty much need something so nasty that it will want to go viral and destroy the whole system or anything on the machine.
Its on a totally separate internet connection and on isolated hardware that I can rebuild in like 45minutes so I really want to try and go nuclear on this thing.
Are people going to bring their own hardware and then you virturalize it for them, or are you going to provide the hardware?
Are they all linked to the same backup system?
The only reason i ask is have you accounted for the undetectable virus, that is on the motherboard?
Winston, don't forget me when you get your first ten mil check for a new antivirus s/w.
If you REALLY want some virus(es), let me know. I have three Sons in High School sharing the same computer. Guarantee there's some sick viruses on that ten minute to boot up computer.
I'm replacing it this week. If Canada will let this coughing-ill computer through customs, maybe I could send it to you for some experimental work?
If you REALLY want some virus(es), let me know. I have three Sons in High School sharing the same computer. Guarantee there's some sick viruses on that ten minute to boot up computer.
I'm replacing it this week. If Canada will let this coughing-ill computer through customs, maybe I could send it to you for some experimental work?
I'm not trying to build an antivirus solution - I'm trying to make sure my virtual environment is sound.
Rehoboth (that like Rehoboth, MA?):
I own the hardware - I have hardware at two data centers in NYC. If you are interested I can share HW specs but essentially its backed up, redundant, inside a data center and has great connectivity. If someone brings me HW to mirror or virtualize or to convert to virtual I'm happy to do that as well.
I'm also interested in learning about these bios viruses. I don't know that I want to ruin a mobo but I do have a few spare that I might want to play with.
Depending on how the virtual OS is set up it may not actually have any access to the hardware so I'm not sure that's an issue but I'd like to try it out.
LEAPup:
I think you should make your kids keep that 10min-boot machine!
Rehoboth (that like Rehoboth, MA?):
I own the hardware - I have hardware at two data centers in NYC. If you are interested I can share HW specs but essentially its backed up, redundant, inside a data center and has great connectivity. If someone brings me HW to mirror or virtualize or to convert to virtual I'm happy to do that as well.
I'm also interested in learning about these bios viruses. I don't know that I want to ruin a mobo but I do have a few spare that I might want to play with.
Depending on how the virtual OS is set up it may not actually have any access to the hardware so I'm not sure that's an issue but I'd like to try it out.
LEAPup:
I think you should make your kids keep that 10min-boot machine!
I wouldn't worry too much about them. They often require physical access or in the case of Mebromi target specific anti-virus software loaded machines or specifically Award BIOS.
http://blog.webroot.com/2011/09/13/mebromi-the-first-bios-rootkit-in-the-wild/
Improvements in chip technology renders them obsolete with time.