PC A Windows XP machine's life expectancy in 2024

[Dead2009]

A Windows XP machine's life expectancy in 2024 seems to be about 10 minutes before even just an idle net connection renders it a trojan-riddled zombie PC

That's all without clicking a single hot link.

www.pcgamer.com

How long do you think it takes an unprotected Windows XP box to fall foul to malware? To be clear, this is a machine sitting idle, no internet browsing required, just connected to the internet.

One YouTuber, Eric Parker, decided to find out (via XDA). Using a virtual machine, Parker set up a Windows XP instance and configured it to be fully exposed with no firewall and no anti-virus software, just like the good old days. So, how long exactly does it take for malicious software to appear on the PC?

Parker returns to the PC 10 minutes later and, sure enough, there's something nasty running in Task Manager named conhoz.exe, a known trojan.

He shuts that process down and leaves the machine running. Within just a few more minutes, a new user has been added, plus a number of new processes, including an FTP server.

So, yeah, within 15 minutes that's multiple malware processes and an entirely compromised machine with the bad guys having already created a new admin account and an FTP server running locally. Jaysus!

Parker then traces the malware's communication to, yup you guessed, the Russian Federation. He speculates that the bad guys might be trying to set up a botnet or spam email server from his compromised machine.

Further investigation reveals even more malware, including another Trojan and a rootkit. A Malwarebytes scan then reveals the full horror, with eight nasties actually running including four trojans, two backdoors, and a couple of adware apps.

 

[Smacktard]

A Windows XP machine's life expectancy in 2024 seems to be about 10 minutes before even just an idle net connection renders it a trojan-riddled zombie PC

That's all without clicking a single hot link.

www.pcgamer.com

How long do you think it takes an unprotected Windows XP box to fall foul to malware? To be clear, this is a machine sitting idle, no internet browsing required, just connected to the internet.

One YouTuber, Eric Parker, decided to find out (via XDA). Using a virtual machine, Parker set up a Windows XP instance and configured it to be fully exposed with no firewall and no anti-virus software, just like the good old days. So, how long exactly does it take for malicious software to appear on the PC?

Parker returns to the PC 10 minutes later and, sure enough, there's something nasty running in Task Manager named conhoz.exe, a known trojan.

He shuts that process down and leaves the machine running. Within just a few more minutes, a new user has been added, plus a number of new processes, including an FTP server.

So, yeah, within 15 minutes that's multiple malware processes and an entirely compromised machine with the bad guys having already created a new admin account and an FTP server running locally. Jaysus!

Parker then traces the malware's communication to, yup you guessed, the Russian Federation. He speculates that the bad guys might be trying to set up a botnet or spam email server from his compromised machine.

Further investigation reveals even more malware, including another Trojan and a rootkit. A Malwarebytes scan then reveals the full horror, with eight nasties actually running including four trojans, two backdoors, and a couple of adware apps.

This is actually incredible. I'm pretty ignorant about this sort of thing but it blows my mind that this malicious software can get on to a computer that is merely connected to the Internet. Unreal.

Obligatory fuck Russia.

 

[Kat]

This is actually incredible. I'm pretty ignorant about this sort of thing but it blows my mind that this malicious software can get on to a computer that is merely connected to the Internet. Unreal.

Obligatory fuck Russia.

Remember that when you buy "smart" devices. They almost never have security on them, and it's even rarer for them to get security updates.

 

[Mark]

Remember that when you buy "smart" devices. They almost never have security on them, and it's even rarer for them to get security updates.

Ding ding ding.

Everyone I know that is familiar enough with or has worked in smart tech either refuses to touch the stuff, or has their bathroom lightbulb protected through a secure network. Absolutely no gray area that I’ve seen.

I’m so glad that we all came up in the pioneering generation, so we were able to see the writing on the wall with that kind of stuff. Don’t get me wrong, I have smart LED bulbs and random junk like that… but, who’s gonna hijack my bulbs? Really? Nah… seriously, if there’s a risk, I wanna know. Otherwise… you can keep that Fitbit, smart fridge, smart washer, smart toilet, etc. I’ll pass.

 

[Kat]

Don’t get me wrong, I have smart LED bulbs and random junk like that… but, who’s gonna hijack my bulbs? Really? Nah… seriously, if there’s a risk, I wanna know.

There are two risks. One isn't to you directly, it's that Russia or whoever will use them as a botnet. The other is that a hacker will use the device to penetrate your network to get to your PC. You can still use the devices, but you should secure your router (at a minimum, change the default password and keep the firmware up to date) and put IoT devices on a separate network from devices with important data (most routers have a guest network option, which makes it easy).

 

[Fool's Requiem]

Weird that nothing happens on Win 7 with all of the security measures disabled, but not XP despite almost no one using XP on the internet anymore. I get that 7 has perms that make it extremely difficult to make system changes unlike XP, but I still feel like having active bots running around looking for XP systems to infect is a little weird.