

F-Secure Stopped Facebook Worm With A Phone Call - mkramlich
http://www.f-secure.com/weblog/archives/00001955.html

======
bcl
When WHOIS info is correct it can be a big help. I've done the same for
phishing scams hosted in the US. The person on the receiving end is usually
somewhat confused at first, but eventually gets it.

~~~
X-Istence
Most likely a server that was hacked, most people appreciate getting a call at
that point to let them know that they are hosting something that is not
entirely kosher.

~~~
Legion
Phone call or no, somehow I don't see anyone taking their sites offline in
only 15 seconds without prior knowledge of what was going on.

That seems an awful lot more like a, "shit, someone's connected the dots"
response. Especially if you're claiming ignorance about the domain name being
called about. 15 seconds isn't even long enough to walk down the hall and ask
someone about it.

~~~
fossguy
I think the 15 second was just an expression to "very quickly"

~~~
Legion
Perhaps, but that doesn't change my impression of the story: phone call is
made, and _everything_ is shut off in a flash immediately afterwards.

Even if not a literal 15 seconds, the phrase doesn't seem to imply that there
was a length of time where someone on that end might have been investigating
the issue. It implies that someone flipped the switch to "off" the instant one
was able to get within reach of the switch.

------
GrandMasterBirt
Good proof of concept, if its spreading like wildfire it means that... guess
what... we got a good new medium to spread malware.

------
Rhapso
And it begins.

