Results 1 to 4 of 4
Thread: Virus Warning.
-
07-27-2004, 12:00 PM #1
Hey folks,
Just want to give everyone a heads` up. There are several versions of
MyDoom running around right now. Version O is the latest (that I know of)
and it spoofs email addresses and has a bit of sneaky prose in it along
with the attached virus:
>From: "The Post Office" <postmaster@oracle.wizards.com>
>To: birthright-l-request@oracle.wizards.com
>Subject: Returned mail: Data format error
>Date: Tue, 27 Jul 2004 01:23:51 -0700
>X-Mailer: Microsoft Outlook Express 6.00.2600.0000
>X-ELNK-AV: 0
>
>Dear user birthright-l-request@oracle.wizards.com,
>
>Your email account has been used to send a large amount of spam during
>this week.
>Most likely your computer had been compromised and now runs a trojan proxy
>server.
>
>We recommend that you follow instruction in order to keep your computer safe.
>
>Sincerely yours,
>oracle.wizards.com support team.
Below this text is an attached file called (in the version sent me)
"birthright-l-request@oracle.wizards.com" which is, of course, the
virus. Cute, huh?
Here`s a link to the McAfee description of the virus:
http://vil.nai.com/vil/content/v_127033.htm
Though the above message appears to come from the Wizards` server that
doesn`t mean that the wizards` server is infected. In fact, it probably
isn`t, but if you get something that looks like it`s from wizards--or just
about anyone at the moment--and has an attachment there`s a pretty good
chance its not what it appears to be.
If you`re using Norton/Semantic antivirus, BTW, they appear to be up to
version M of this virus as of the time of this writing. I`m sure they`ll
catch up soon, but if you`re using that software be particularly on your
guard since it will get past their realtime scanning.
Gary
-
07-27-2004, 12:14 PM #2
damn i use norton... thanks for the head up.
"Who was the first that forged the deadly blade? Of rugged steel his savage soul was made." --Tibullus
"Qui desiderat pacem praeparet bellum." --Vegetius
"Men grow tired of sleep, love, singing and dancing sooner than war." --Homer
-
07-27-2004, 07:20 PM #3
At 02:14 PM 7/27/2004 +0200, tcharazazel wrote:
> damn i use norton... thanks for the head up.
Correction (sort of): It looks like Norton/Semantec calls this version of
Mydoom "M" while McAfee calls it "O". Realtime scanning did not appear to
find the file that got sent to me, even though I had updated virus
definitions, so I`m not sure what`s going on with it.... In any case, a
little extra vigilance over the next couple of days can`t hurt.
Gary
-
07-27-2004, 09:36 PM #4
Danke schön!
Thread Information
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)
Bookmarks