Remember this?
(I know I do as it was the one and only infection I’ve ever had on my PC).
The Blaster Worm, also commonly known as ‘Lovsan’ or ‘Lovesan’, was first spotted on the 11th of August 2003.
The worm spread quickly on computers that ran Microsoft operating systems such as Windows 2000 and Windows XP.
The rate of spread and infection by the Blaster worm peaked 2 days after it released before ISPs managed to successfully filter it.
It is believed that the original variant of Blaster was created after a Chinese hacking group before Jeffrey Lee Parson engineered a B variant, a crime for which he later received an 18 month jail term.
The Blaster worm spread by exploiting a buffer overflow discovered in the DCOM RPC service on the affected operating systems, something for which a patch had been released one month prior in MS03-026 and later in MS03-039.
This exploit allowed the worm to spread even without users opening attachments, simply by spamming itself to large numbers of random IP addresses.
Blaster acquired it’s nicknames of Lovsan and Lovesan due to two different messages that were discovered hidden in it’s code.
The first message said -
billy gates why do you make this possible ? Stop making money and fix your software!!
- was obviously targeting Bill Gates of Microsoft fame.
The second message said -
I just want to say LOVE YOU SAN!!
- which is obviously the reason for the ‘Lovesan’ names.
Were you ever caught out by the Blaster worm?
Heres more in my short series on malware that changed the world -
- The OSX/RSPlug Trojan
- The I Love You Virus
- The Blaster Worm
- Anna Kournikova
- The Melissa Virus
- The Storm Worm
- The Morris Worm
- The Conficker Virus
- The Chernobyl Virus
- SQL Slammer
- Sasser
- MyDoom
{ 8 trackbacks }
{ 0 comments… add one now }