If you throw the 20-year-old OS 'Windows XP' onto the Internet unarmed, this is what happens
Windows XP, released in 2001, has been out of extended support since April 2014, and 10 years have passed since then. However, it has been well-received due to its low spec requirements and stability, and a report released in 2022
What happens if you connect Windows XP to the Internet in 2024? - YouTube
Idle Windows XP and 2000 machines get infected with viruses within minutes of being exposed online — legacy OSes compromised by just connecting to the Internet | Tom's Hardware
https://www.tomshardware.com/software/windows/idle-windows-xp-and-2000-machines-get-infected-with-viruses-within-minutes-of-being-exposed-online
A Windows XP machine's life expectancy in 2024 seems to be about 10 minutes before even just an idle net connection renders it a trojan-riddled zombie PC | PC Gamer
https://www.pcgamer.com/hardware/a-windows-xp-machines-life-expectancy-in-2024-seems-to-be-about-10-minutes-before-even-just-an-idle-net-connection-renders-it-a-trojan-riddled-zombie-pc/
It Now Takes Just 10 Minutes for Trojans to Infect Windows XP | Extremetech
https://www.extremetech.com/internet/it-now-takes-just-10-minutes-for-trojans-to-infect-windows-xp
'The Internet in the 2000s was very different from today, and while we rarely expose our PCs directly to the Internet anymore, back then Windows allowed anything to access our PC from the Internet without a firewall,' Parker said, recalling his decision to give it a try.
The Windows XP environment used here is run by remotely operating a virtual machine built on the virtualization platform
It only took a few clicks to set it up. 'The old setup screen was a lot simpler than the current one, and now it's threatening to give your data to Microsoft if you don't click a bunch of buttons,' Parker said.
Disable the firewall and security and set up the Internet connection. Of course, there is no antivirus software installed.
The first signs that your PC is infected will appear within just a few minutes of opening your Internet Explorer browser and leaving it alone.
When you open the Task Manager, you will see an unfamiliar executable file called 'conhoz.exe', which is said to be a harmful virus.
Shortly after, when he checked the accounts, he found that an account with administrator privileges called 'admina' had been created. Parker speculates that the account was hosting an FTP file server, suggesting that the hackers were building a botnet or trying to send spam.
When tracing the communication history of conhoz.exe mentioned earlier, we found a domain that was registered in Russia in 1994 and has been in use since 2024. This means that malware targeting Windows XP is still being operated in 2024.
I ran Malwarebytes, which scans for viruses, and it found eight pieces of malware -- there were probably more on my machine, but that's as far as the free version of Malwarebytes can go.
After using Malwarebytes to remove the malware and rebooting Windows XP, conhoz.exe was still present on the device, but it didn't auto-launch, so it seemed like I'd successfully disabled it... or so I thought.
However, the moment he tried to start the firewall while scanning again with Malwarebytes, Malwarebytes was automatically closed and the executable file was restored. Even though it was a free version, the malware was forcibly terminating the antivirus software, so Parker said, 'This is a case of being taken by the malware.'
Parker then tried the same thing with Windows 2000.
As expected, within minutes of connecting to the Internet, the system was invaded by a large amount of malware, eventually crashing, displaying a blue screen and becoming unusable.
When I ran an online scan of the suspicious executable, it came up with a ton of malware.
Parker also tried turning off the firewall on Windows 7 and leaving it connected to the Internet for several hours, but no such issues occurred.
'These results show how vulnerable systems like Windows XP are to malware infections,' Parker said. 'If you find yourself in this situation, I strongly recommend that you disconnect from the Internet and reinstall your system.'
◆ Forum is currently open
A forum related to this article has been set up on the official GIGAZINE Discord server . Anyone can post freely, so please feel free to comment! If you do not have a Discord account, please refer to the account creation procedure explanation article to create an account!
• Discord | 'Have you ever been infected with a virus on an older OS?' | GIGAZINE
https://discord.com/channels/1037961069903216680/1243132971632824381
Related Posts:
