Results 1 to 4 of 4

Thread: Virus Warning.

  1. #1
    Site Moderator geeman's Avatar
    Join Date
    Nov 2001
    Location
    California, USA
    Posts
    2,165
    Downloads
    4
    Uploads
    0
    Hey folks,



    Just want to give everyone a heads` up. There are several versions of

    MyDoom running around right now. Version O is the latest (that I know of)

    and it spoofs email addresses and has a bit of sneaky prose in it along

    with the attached virus:



    >From: "The Post Office" <postmaster@oracle.wizards.com>

    >To: birthright-l-request@oracle.wizards.com

    >Subject: Returned mail: Data format error

    >Date: Tue, 27 Jul 2004 01:23:51 -0700

    >X-Mailer: Microsoft Outlook Express 6.00.2600.0000

    >X-ELNK-AV: 0

    >

    >Dear user birthright-l-request@oracle.wizards.com,

    >

    >Your email account has been used to send a large amount of spam during

    >this week.

    >Most likely your computer had been compromised and now runs a trojan proxy

    >server.

    >

    >We recommend that you follow instruction in order to keep your computer safe.

    >

    >Sincerely yours,

    >oracle.wizards.com support team.



    Below this text is an attached file called (in the version sent me)

    "birthright-l-request@oracle.wizards.com" which is, of course, the

    virus. Cute, huh?



    Here`s a link to the McAfee description of the virus:



    http://vil.nai.com/vil/content/v_127033.htm



    Though the above message appears to come from the Wizards` server that

    doesn`t mean that the wizards` server is infected. In fact, it probably

    isn`t, but if you get something that looks like it`s from wizards--or just

    about anyone at the moment--and has an attachment there`s a pretty good

    chance its not what it appears to be.



    If you`re using Norton/Semantic antivirus, BTW, they appear to be up to

    version M of this virus as of the time of this writing. I`m sure they`ll

    catch up soon, but if you`re using that software be particularly on your

    guard since it will get past their realtime scanning.



    Gary

  2. #2
    damn i use norton... thanks for the head up.
    "Who was the first that forged the deadly blade? Of rugged steel his savage soul was made." --Tibullus

    "Qui desiderat pacem praeparet bellum." --Vegetius

    "Men grow tired of sleep, love, singing and dancing sooner than war." --Homer

  3. #3
    Site Moderator geeman's Avatar
    Join Date
    Nov 2001
    Location
    California, USA
    Posts
    2,165
    Downloads
    4
    Uploads
    0
    At 02:14 PM 7/27/2004 +0200, tcharazazel wrote:



    > damn i use norton... thanks for the head up.



    Correction (sort of): It looks like Norton/Semantec calls this version of

    Mydoom "M" while McAfee calls it "O". Realtime scanning did not appear to

    find the file that got sent to me, even though I had updated virus

    definitions, so I`m not sure what`s going on with it.... In any case, a

    little extra vigilance over the next couple of days can`t hurt.



    Gary

  4. #4
    Senior Member RaspK_FOG's Avatar
    Join Date
    May 2003
    Location
    Moschato, Athens, Greece
    Posts
    1,128
    Downloads
    1
    Uploads
    0
    Danke sch&#246;n&#33;

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
BIRTHRIGHT, DUNGEONS & DRAGONS, D&D, the BIRTHRIGHT logo, and the D&D logo are trademarks owned by Wizards of the Coast, Inc., a subsidiary of Hasbro, Inc., and are used by permission. ©2002-2010 Wizards of the Coast, Inc.