Have you heard of the Happy Hour virus?

We have been alerted to an online service that any security-conscious sysadmins ought to be made aware of.

We think so too, but ended up on the horns of a “disclosurelemma.”

That’s where warning administrators in case their users access the service and thus trivialise computer security might cause users to access the service and thus trivialise computer security.

Created by an advertising agency in Boulder, Colorado, the website, called Happy Hour Virus, lets you deliberately simulate a security problem in order to leave work early.

“We expect this problem to peak on Friday afternoons,” said David Ullard, the CYO of Boulder-based productivity and workplace security action group Boulder Online Regulators of Interactive Network Games. “This is a true cross-platform threat, with modules for Windows, Mac and Linux users, each accessible with just a single click from any major browser.”

Ullard, whose research has revealed that the site uses a command-and-control protocol called HTTP over network port 80, warns that some firewalls already permit this sort of traffic by default.

HTTP over port 80 is used by hundreds, if not thousands, of American business users every year for online activities as diverse as finding recipes, making contact with people they didn’t like at school but suddenly want to be friends with 23 years later, and looking up the latest dollar value of Bitcoins.

The work-avoidance simulations used by Happy Hour Virus are as follows.

Mac users can pretend their Mac has shut down unexpectedly, though we suspect many administrators will see through this ruse, because Macs don’t get viruses and thus cannot actually crash at all:


Linux users get to simulate what happens when they accidentally mix the experimental open source kernel drivers for their oddball graphics card with the proprietary window manager support modules provided by the card vendor:


And Windows users get what actually turns out to be an anachronism – an old-school Blue Screen of Death in the wrong font:


With nearly 102.6% of IT administrators already having moved their entire business away from Windows XP onto Windows 8, months before Microsoft’s offical deadline, we’re surprised that the Happy Hour Virus didn’t go for a more modern look:


Administrators who want to have something to do while everyone else has ducked out early thanks to the Happy Hour virus may want to ask their Change Control Committee (those who aren’t already in the pub, at any rate) for a ruling on the following:

  • Blocking outbound access to any port with an “8” in it.
  • Removing all web browsers except Lynx to prevent bogus graphics from appearing.
  • Sending out an email to all staff saying, “Do NOT UNDER ANY CIRCUMSTANCES visit the website called happyhourvirus.com.”

Have a good holiday!

Via: sophos


Save pagePDF pageEmail pagePrint page

Leave a Reply

Your email address will not be published. Required fields are marked *