Archived material Access restricted Article
Rantburg

Today's Front Page   View All of Wed 03/03/2004 View Tue 03/02/2004 View Mon 03/01/2004 View Sun 02/29/2004 View Sat 02/28/2004 View Fri 02/27/2004 View Thu 02/26/2004
1
2004-03-03 
Virus warning
Archived material is restricted to Rantburg regulars and members. If you need access email fred.pruitt=at=gmail.com with your nick to be added to the members list. There is no charge to join Rantburg as a member.
Posted by Fred 2004-03-03 11:01|| || Front Page|| [3 views since 2007-05-07]  Top

#1 I got the same message from the simmins.org team. My virus software got the attachment, but I wasn't dumb enough to try to open it anyway.

I hope I'm not paying the other members of the simmins.org team. They never show up for work.
Posted by Chuck Simmins  2004-3-3 11:17:12 AM|| [http://blog.simmins.org]  2004-3-3 11:17:12 AM|| Front Page Top

#2 I got it also. I doubt it will go far because it looks like it only goes to people with their own domain name. As I control the users in my domain I knew there was not support@davis.org so immediately smelled a virus as the ISP confirmed.
Posted by Mr. Davis  2004-3-3 11:21:19 AM||   2004-3-3 11:21:19 AM|| Front Page Top

#3 Earthlink users beware. I got suckered by sender 'noreply@earthlink.net' saying my mail had been disabled due to unauthorized access.
McAfee killed it as soon as I opened it, fortunately.
Posted by Pamela 2004-3-3 11:43:26 AM||   2004-3-3 11:43:26 AM|| Front Page Top

#4 This one's really hot today. I got one too, and the other members of my team of one never show up for work either. Norton AntiVirus took care of it.
Posted by Tom 2004-3-3 2:11:42 PM||   2004-3-3 2:11:42 PM|| Front Page Top

#5 Ok, first of all, what "security" is supposed to be provided by including the password along with the "protected" attachment?

But I guess logic isn't most e-mail user's long suit, huh? This is somewhat better (in a technical sense) at looking like a real mail than most, but still a huge chunk of obvious bogosity, dudes.
Posted by mojo  2004-3-3 2:15:11 PM||   2004-3-3 2:15:11 PM|| Front Page Top

#6 A similar message came to me, seemingly from otenet.gr.
Posted by Aris Katsaris  2004-3-3 3:17:25 PM||   2004-3-3 3:17:25 PM|| Front Page Top

#7 I've got several .org and .com domains and I can assure you those teams are complete slackers. The whole show wants outsourcing to Bangalore.

The intersection of spammers, virulent email worms and hundreds of thousands (if not millions) of compromised PCs has got potential to be a serious national security problem. I'll look for an opportunity to post something on this.
Posted by Classic_Liberal 2004-3-3 4:06:26 PM||   2004-3-3 4:06:26 PM|| Front Page Top

#8 It's Bagle.K:
The new version of Bagle, Bagle.K, is also spreading, in part because of its convincing e-mail message. The text of a Bagle.K-infected e-mail indicates the recipient has a virus -- and it appears to come from the support staff of the recipient's company. The text can read: "Some of our clients complained about the spam (negative e-mail content) outgoing from your e-mail account. Probably, you have been infected by a proxy-relay trojan server. In order to keep your computer safe, follow the instructions." Recipients are then urged to click on a link to clean up their infected computer -- and if they do, they are duped into infecting themselves with Bagle.K.
Posted by Steve  2004-3-3 4:24:04 PM||   2004-3-3 4:24:04 PM|| Front Page Top

#9 Nuked one domain level above me. Excellent. It allows me more RB time.
Posted by Shipman 2004-3-3 4:53:45 PM||   2004-3-3 4:53:45 PM|| Front Page Top

#10 The "password protection" on the attachment is actually security for the WORM. The password-protected zip file is inaccessible to virus protection systems so they would ostensibly pass the file along to the OS. (The major AV companies have updated their definitions with the signature of the zip file though, so if you're updated, the virus will be trapped. People who aren't updated though, are probably still posting on Democratic Underground.)
Posted by Bennett Reddin 2004-3-3 5:05:05 PM||   2004-3-3 5:05:05 PM|| Front Page Top

#11 Some of those who got this email were probably included because spidering RB provided their email addresses. Sorry, folks, but every time you provide it on a web page or send an e-card or any of a dozen other actions, you become fair game for the jerks. The only defenses are putting some anti-spam (so you never see it in the first place) and anti-viral software (kept up to date so it can prevent those emails that slip through from infecting your system) on your machine.

Sigh. If only these people directed their energies to something substantive and positive.
Posted by .com 2004-3-3 6:28:14 PM||   2004-3-3 6:28:14 PM|| Front Page Top

#12 It's not just those with their own domain names. I got one with my local service provider's name. I was just over there an hour or so ago, talking about a locked-up modem (it hung, and hung up my system until I rebooted), so I knew the message was bogus. Besides, our local service rep always uses his Christian name, which is not a common one, on real messages.

I have this dream of catching one of these bas$$$$$ who perpetuate viruses or worms, or a major spammer, and make him sit on a high bar stool, deleting tens of thousands of emails one at a time by hand, on a desk-top keyboard, where they'll have to bend over and put a strain on their back. Every once in awhile, I'd come in and pour icewater down their back, while yelling for them to work faster.
Posted by Old Patriot  2004-3-3 7:49:09 PM|| [http://users.codenet.net/mweather/default.htm]  2004-3-3 7:49:09 PM|| Front Page Top

#13 Old Patriot:

The worst spam operators are well known and the list is relatively small. Check out ROSKO on Spamhaus for example. These people are all violating numerous laws--we don't need any new ones to go after them.

When Justice went after Tommy Chong rather than someone on the ROSKO list, I thought perhaps there had been a failure of communication. Ashcroft said something like, "Bring me the head of a spammer!" which was misinterpreted as "Bring me a pot head!".
Posted by Classic_Liberal 2004-3-4 12:30:57 AM||   2004-3-4 12:30:57 AM|| Front Page Top

05:37 Anonymous1424
09:45 rkb
09:25 .com
09:21 Anonymous5161
09:40 ClareLopez
22:17 Minutus
04:50 SON OF TOLUI
04:31 SON OF TOLUI
00:30 Classic_Liberal
00:08 Valentine
00:04 Old Patriot
00:03 Old Patriot
23:56 CrazyFool
23:56 Mike Kozlowski
23:51 CrazyFool
23:47 Old Patriot
23:47 Anonymous2U
23:43 Mr. Davis
23:41 Anonymous2U
23:34 Anonymous
23:32 Hyper
23:31 Old Patriot
23:26 Hyper
23:07 Super Hose









Paypal:
Google
Search WWW Search rantburg.com