Malware That Changed The World – The Blaster Worm

by Lee on September 4, 2009

in Malware

Remember this?

(I know I do as it was the one and only infection I’ve ever had on my PC).

blaster worm

The Blaster Worm, also commonly known as ‘Lovsan’ or ‘Lovesan’, was first spotted on the 11th of August 2003.

The worm spread quickly on computers that ran Microsoft operating systems such as Windows 2000 and Windows XP.

The rate of spread and infection by the Blaster worm peaked 2 days after it released before ISPs managed to successfully filter it.

It is believed that the original variant of Blaster was created after a Chinese hacking group before Jeffrey Lee Parson engineered a B variant, a crime for which he later received an 18 month jail term.

The Blaster worm spread by exploiting a buffer overflow discovered in the DCOM RPC service on the affected operating systems, something for which a patch had been released one month prior in MS03-026 and later in MS03-039.

This exploit allowed the worm to spread even without users opening attachments, simply by spamming itself to large numbers of random IP addresses.

Blaster acquired it’s nicknames of Lovsan and Lovesan due to two different messages that were discovered hidden in it’s code.

The first message said -

billy gates why do you make this possible ? Stop making money and fix your software!!

- was obviously targeting Bill Gates of Microsoft fame.

The second message said -

I just want to say LOVE YOU SAN!!

- which is obviously the reason for the ‘Lovesan’ names.

Were you ever caught out by the Blaster worm?

Read more : Malware That Changed The World

Share this post: Tweet It | Facebook It | Stumble It | Digg It | Delicious It

Related Posts:

  • Malware That Changed The World – The I Love You Virus
  • Malware That Changed The World – The OSX/RSPlug Trojan
  • Confiker Worm Evolves Into Conficker B++
  • Conficker Worm – Was It Worth The Fuss?
  • What Does The Conficker Worm Do Exactly?
  • 64% Of You Are Worried That You Have Been Infected By The Confiker Worm
  • Heres A Quick Guide To Determine If You Are Infected With The Confiker Worm
  • Registry Values for Conficker
  • Can I Block Conficker By Being Proactive?
  • Microsoft’s Bill Gates Gives His Millions Away
  • Previous post:

    Next post: