| Submit your comments on this article |
| Virus warning |
| 2004-03-03 |
I received multiple copies of the following in my inbox this morning:Dear user of "Rantburg.com" mailing system,Since I'm the "Rantburg.com team," I know it's not so. Naturally, there was a virus (or worm) attached. When you receive a similar message from your ISP, I'd suggest you don't click on it. I'd guess this is going to be a pretty quick spreader. |
| Posted by:Fred |
| #13 Old Patriot: The worst spam operators are well known and the list is relatively small. Check out ROSKO on Spamhaus for example. These people are all violating numerous laws--we don't need any new ones to go after them. When Justice went after Tommy Chong rather than someone on the ROSKO list, I thought perhaps there had been a failure of communication. Ashcroft said something like, "Bring me the head of a spammer!" which was misinterpreted as "Bring me a pot head!". |
| Posted by: Classic_Liberal 2004-3-4 12:30:57 AM |
| #12 It's not just those with their own domain names. I got one with my local service provider's name. I was just over there an hour or so ago, talking about a locked-up modem (it hung, and hung up my system until I rebooted), so I knew the message was bogus. Besides, our local service rep always uses his Christian name, which is not a common one, on real messages. I have this dream of catching one of these bas$$$$$ who perpetuate viruses or worms, or a major spammer, and make him sit on a high bar stool, deleting tens of thousands of emails one at a time by hand, on a desk-top keyboard, where they'll have to bend over and put a strain on their back. Every once in awhile, I'd come in and pour icewater down their back, while yelling for them to work faster. |
| Posted by: Old Patriot 2004-3-3 7:49:09 PM |
| #11 Some of those who got this email were probably included because spidering RB provided their email addresses. Sorry, folks, but every time you provide it on a web page or send an e-card or any of a dozen other actions, you become fair game for the jerks. The only defenses are putting some anti-spam (so you never see it in the first place) and anti-viral software (kept up to date so it can prevent those emails that slip through from infecting your system) on your machine. Sigh. If only these people directed their energies to something substantive and positive. |
| Posted by: .com 2004-3-3 6:28:14 PM |
| #10 The "password protection" on the attachment is actually security for the WORM. The password-protected zip file is inaccessible to virus protection systems so they would ostensibly pass the file along to the OS. (The major AV companies have updated their definitions with the signature of the zip file though, so if you're updated, the virus will be trapped. People who aren't updated though, are probably still posting on Democratic Underground.) |
| Posted by: Bennett Reddin 2004-3-3 5:05:05 PM |
| #9 Nuked one domain level above me. Excellent. It allows me more RB time. |
| Posted by: Shipman 2004-3-3 4:53:45 PM |
| #8 It's Bagle.K: The new version of Bagle, Bagle.K, is also spreading, in part because of its convincing e-mail message. The text of a Bagle.K-infected e-mail indicates the recipient has a virus -- and it appears to come from the support staff of the recipient's company. The text can read: "Some of our clients complained about the spam (negative e-mail content) outgoing from your e-mail account. Probably, you have been infected by a proxy-relay trojan server. In order to keep your computer safe, follow the instructions." Recipients are then urged to click on a link to clean up their infected computer -- and if they do, they are duped into infecting themselves with Bagle.K. |
| Posted by: Steve 2004-3-3 4:24:04 PM |
| #7 I've got several .org and .com domains and I can assure you those teams are complete slackers. The whole show wants outsourcing to Bangalore. The intersection of spammers, virulent email worms and hundreds of thousands (if not millions) of compromised PCs has got potential to be a serious national security problem. I'll look for an opportunity to post something on this. |
| Posted by: Classic_Liberal 2004-3-3 4:06:26 PM |
| #6 A similar message came to me, seemingly from otenet.gr. |
| Posted by: Aris Katsaris 2004-3-3 3:17:25 PM |
| #5 Ok, first of all, what "security" is supposed to be provided by including the password along with the "protected" attachment? But I guess logic isn't most e-mail user's long suit, huh? This is somewhat better (in a technical sense) at looking like a real mail than most, but still a huge chunk of obvious bogosity, dudes. |
| Posted by: mojo 2004-3-3 2:15:11 PM |
| #4 This one's really hot today. I got one too, and the other members of my team of one never show up for work either. Norton AntiVirus took care of it. |
| Posted by: Tom 2004-3-3 2:11:42 PM |
| #3 Earthlink users beware. I got suckered by sender 'noreply@earthlink.net' saying my mail had been disabled due to unauthorized access. McAfee killed it as soon as I opened it, fortunately. |
| Posted by: Pamela 2004-3-3 11:43:26 AM |
| #2 I got it also. I doubt it will go far because it looks like it only goes to people with their own domain name. As I control the users in my domain I knew there was not support@davis.org so immediately smelled a virus as the ISP confirmed. |
| Posted by: Mr. Davis 2004-3-3 11:21:19 AM |
| #1 I got the same message from the simmins.org team. My virus software got the attachment, but I wasn't dumb enough to try to open it anyway. I hope I'm not paying the other members of the simmins.org team. They never show up for work. |
| Posted by: Chuck Simmins 2004-3-3 11:17:12 AM |