If you can read this, either the style sheet didn't load or you have an older browser that doesn't support style sheets. Try clearing your browser cache and refreshing the page.

(Ars Technica)   Iranian computers attacked by new malicious data wiper program. So much for upgrading Photoshop   (arstechnica.com) divider line 29
    More: Interesting, photoshop, Iranians, Windows Desktop, Kaspersky Labs, targeted attacks, Saudi Aramco, quality assurance, upper stage  
•       •       •

2775 clicks; posted to Geek » on 17 Dec 2012 at 5:05 PM (2 years ago)   |  Favorite    |   share:  Share on Twitter share via Email Share on Facebook   more»



29 Comments   (+0 »)
   
View Voting Results: Smartest and Funniest

Archived thread
 
2012-12-17 01:54:01 PM  
I wonder if the US and Israeli governments are in cahoots with Adobe.
 
2012-12-17 02:14:00 PM  
They're not worried. They back up their data to the haboob every night.
 
2012-12-17 02:22:23 PM  
24.media.tumblr.com

Seen scuttling away from the scene.
 
2012-12-17 03:26:30 PM  
And I raaaaan... I ran my anti-virus prograaaaam...
 
2012-12-17 03:55:34 PM  
gestetnerupdates.com
"Problem?"
www.indiavision.com
"Infidel TROLL!"
 
2012-12-17 04:04:05 PM  
assets1.subpop.com

Suspected.

/obscure?
//hell yes
 
2012-12-17 04:09:40 PM  
An analysis from researchers at security firm AlienVault shows that the malware is able to remain active even after a machine is rebooted. It does this by adding a registry entry. The RAR archive dropper is named GrooveMonitor.exe, presumably to disguise it as a legitimate Windows Office 2007 service. GrooveMonitor.exe then drops additional files named juboot.exe, jucheck.exe, SLEEP.EXE, and WmiPrv.exe.

I bet the jus did this.
 
2012-12-17 05:10:51 PM  

dahmers love zombie: An analysis from researchers at security firm AlienVault shows that the malware is able to remain active even after a machine is rebooted. It does this by adding a registry entry. The RAR archive dropper is named GrooveMonitor.exe, presumably to disguise it as a legitimate Windows Office 2007 service. GrooveMonitor.exe then drops additional files named juboot.exe, jucheck.exe, SLEEP.EXE, and WmiPrv.exe.

I bet the jus did this.


I find it humorous that Iran with their much vaunted self-sufficiency kick, are still running Windows Office 2007. They've had almost 6 years now to make some sort of knock-off operating system. I guess it's not a high priority if they can't drive it on the Persian Gulf or parade it through Tehran.
 
2012-12-17 05:16:25 PM  
This is pretty low brow. I'd like to see one that drops random values into databases and spreadsheets. Make it so you can't trust the output of the computers.
 
2012-12-17 05:26:01 PM  

wildcardjack: This is pretty low brow. I'd like to see one that drops random values into databases and spreadsheets. Make it so you can't trust the output of the computers.


Patriot memory is way ahead of you.
 
2012-12-17 05:28:36 PM  
What would be hysetrical would be if this was on the drone they 'captured'.
 
2012-12-17 05:50:11 PM  
I bet those Iranian nuclear scientists are pretty disappointed that they're not going to see Anna Kournikova nude after all.
 
2012-12-17 05:56:25 PM  
As an ex dev for Groove, I'm getting a kick out of this.
 
2012-12-17 06:03:19 PM  

DanZero: [assets1.subpop.com image 605x605]

Suspected.

/obscure?
//hell yes


you wish...
 
2012-12-17 06:14:28 PM  

wildcardjack: This is pretty low brow. I'd like to see one that drops random values into databases and spreadsheets. Make it so you can't trust the output of the computers.


Send Mossad Special Agent Miss Stein to infiltrate the Iranian government secretarial pool.

content9.flixster.com
 
2012-12-17 06:33:22 PM  
In before they blame Israel
 
2012-12-17 07:00:32 PM  
img195.imageshack.us
 
2012-12-17 07:24:16 PM  
So it's a batch file that sticks itself in the startup section of the registry. What is this, 1995?? If you're so lame that you get 'hit' by this then you probably deserve it.

/next up: chain e-mails that tell you to open a command window and enter "format c: [return]"
 
2012-12-17 08:30:18 PM  

BumpInTheNight: wildcardjack: This is pretty low brow. I'd like to see one that drops random values into databases and spreadsheets. Make it so you can't trust the output of the computers.

Patriot memory is way ahead of you.


I lol'd :)
 
2012-12-17 09:04:49 PM  
Damnit. My computer is also infected by jucheck.exe
 
2012-12-17 09:05:00 PM  

Felgraf: What would be hysetrical would be if this was on the drone they 'captured'.


Trojan drone?
 
2012-12-17 09:08:51 PM  
Wiper, stop wiping!
 
2012-12-17 09:10:07 PM  
It was probably in that copy of the latest Photoshop that they torrented.
 
2012-12-17 09:47:35 PM  

rolladuck: Felgraf: What would be hysetrical would be if this was on the drone they 'captured'.

Trojan drone?


First thing that came to mind.
 
2012-12-17 09:55:06 PM  
Hrm... perhaps open source is a better choice.
 
2012-12-17 11:20:40 PM  
Time for Iran to go all Linux on their asses
 
2012-12-18 12:01:35 AM  
What is the evidence that Iran was the target? That a virus has been found in Iranian computers is hardly evidence that Iran was the target. It is not like malicious software is being produced around the world and has the ability to spread worldwide.
 
2012-12-18 02:26:33 AM  

traylor: Damnit. My computer is also infected by jucheck.exe


Hurry! Delete everything in system32 before it's to late!
 
2012-12-18 06:21:07 AM  
Meh, the one that played AC/DC was cooler.
 
Displayed 29 of 29 comments

View Voting Results: Smartest and Funniest


This thread is archived, and closed to new comments.

Continue Farking
Submit a Link »
On Twitter





In Other Media


  1. Links are submitted by members of the Fark community.

  2. When community members submit a link, they also write a custom headline for the story.

  3. Other Farkers comment on the links. This is the number of comments. Click here to read them.

  4. Click here to submit a link.

Report