Message in a Malware

Twitter: This is ChargedTweet

YouTube breaks own record http://tinyurl.com/yzn8mnc 24 hours worth of video are being uploaded to the video-sharing site every minute 10 hrs ago
@Joyanne Alright then. Well..... technology takes it to (one) extreme http://tinyurl.com/y8gbkh2 12 hrs ago
@gianvisser What do you say - why should users stick with #afrihost MWEB launches uncapped broadband http://tinyurl.com/ye63lwu 12 hrs ago
Ria Wiid's LifeCircle - Mentor - Coach - Women's circle - Workshops - Gauteng http://ping.fm/gjzeg 13 hrs ago
Our Social Media Obsession by the Numbers [STATS http://ping.fm/3Gwaf 13 hrs ago
@joyanne Ah - they're meant for your mom. I thought they were instructions to your friends (some pretty good ones, too) in reply to joyanne 13 hrs ago
Still wondering if I really did see Bill Clinton arriving on a scooter and working out @Virginactivesa BryanPark yesterday PM ..... :-D 14 hrs ago
#MWeb #039;s uncapped ADSL http://tinyurl.com/yest84n T&Cs prohibit unattended use. i.e. if you leave your pc you can't use the connection. Doh 14 hrs ago
http://tinyurl.com/qbn89r Eskom charges companies that use as much power as all of Durban, CT, less than it costs to create the electricity 15 hrs ago
RT @coenraadfick RT @johanmeiring: "pfffft, screw #mweb I'm sticking with #afrihost " // amen to that! <-Me too.. wait & see 16 hrs ago
RT @coenraadfick coenraadfick RT @johanmeiring: "pfffft, screw #mweb I'm sticking with #afrihost " // amen to that! <-Me too.. wait & see 16 hrs ago
Ucapped broadband at cool prices finally in AA <-OK, so this is late, but I've been working http://ping.fm/KCqt1 16 hrs ago
New Flickr Group: No Zuma on Flickr. Rule 1 Don't take Zuma pictures. Rule 2 Don't post Zuma pictures on Flickr http://tinyurl.com/yds7axg 23 hrs ago
New Flickr Group: Don't take pictures of Zuma. Rule 1: Don't post Zuma pictures. Rule 2: Don't post Zuma pictures on Flickr http://ping.fm/s 23 hrs ago
@getting_smarter Phew, but was I 2nd-guessing myself with 1st assignment. Still am. Studying is difficult after not having done it so long! in reply to getting_smarter 1 day ago
Ah, at least website development is much more interesting and I think I may just be @getting_smarter after all. :-) 1 day ago
I think I may be @getting_smarter by studying "market research"... but why do I feel like I'm wading through treacle? Small steps. Phew. 1 day ago
Hell's Bells, Part three: Lay charges say cops after EWN journo is manhandled by blue-light boys http://ping.fm/h6WZ8 1 day ago
Today is under construction. Thank you for understanding. http://ping.fm/YrERO 1 day ago
@BreakingNews DOT opens investigation into Virgin America Flight 404 http://bit.ly/bOitf5 <Only because someone was tweeting about it? in reply to BreakingNews 1 day ago
More updates...

April 1st, 2009 · No Comments

We often see messages from malware authors in the malware that we analyze. And, strangely, unlike the theme of The Police’s hit song “Message in a Bottle,” these are never expressions of love. On the contrary, they’re usually offensive.

Backdoor-DOQ is a backdoor Trojan. A variant that we analyzed last week would, among other things, establish a connection to a remote server via IRC and wait for commands from an attacker on the communication channel. Beyond its nastiness, the Backdoor-DOQ executable contains a message in plain text. I’ve censored the nonfamily friendly pieces of this: “I do voodoo on your mom [expletive]. BTW metal rules pop sucks.”

Backdoor-DOQ Voodoo