This is one of the most interesting papers I’ve seen. Some researchers investigated the Witty worm. They decoded the random number generator used by the worm for finding new hosts, and managed to figure out all sorts of things like how many disks a compromised host had, initially targeted hosts, even the machine that injected the worm into the internet. Ed Felten’s description. One of those guys is from G-Tech.
Comments are closed.