It looks like you're using an Ad Blocker.
Please white-list or disable AboveTopSecret.com in your ad-blocking tool.
Thank you.
Some features of ATS will be disabled while you continue to use an ad-blocker.
SCI/TECH: Worm Masquerades as Antiporn Tool
page: 10
share:
A new worm that comes in an email claiming to be an anti-porn tool is currently circulating. The worm has been named W32/Baba-C by antivirus vendor
Sophos. The worm is in the early stages, but has the potential to spread.
www.pcworld.com
Reports are coming in of a new e-mail-based worm variant that cleverly poses as a tool for removing evidence of pornography from the hard disk of recipients.
The mass-mailer, dubbed W32/Baba-C by antivirus vendor Sophos, falsely claims in its subject line that it has detected adult-related material on a PC and suggests the user run the attached "evidence cleaner" to remove traces of it having been there.
This follows on the heels of news today that another worm disguised itself as a plea for tsunami aid.
Clicking on the W32/Baba-C mailer installs the worm, which then mails itself to people in the user's various e-mail address books and opens a back door for hackers to gain access to the compromised PC. If an infection has taken place, the worm communicates back to the point of origin to let it know a new PC has been hacked. The worm sender could then initiate data theft from this PC.
Please visit the link provided for the complete story.
I guess the word of caution here should be that you never click anything that comes in an email whose sender you don't know. When I had my email account with WebTV, it was not uncommon to get spam from myself or others in my address book. Fortunately, WebTV is immune to malware. I haven't had any such experiences with my computer.
www.pcworld.com
Reports are coming in of a new e-mail-based worm variant that cleverly poses as a tool for removing evidence of pornography from the hard disk of recipients.
The mass-mailer, dubbed W32/Baba-C by antivirus vendor Sophos, falsely claims in its subject line that it has detected adult-related material on a PC and suggests the user run the attached "evidence cleaner" to remove traces of it having been there.
This follows on the heels of news today that another worm disguised itself as a plea for tsunami aid.
Clicking on the W32/Baba-C mailer installs the worm, which then mails itself to people in the user's various e-mail address books and opens a back door for hackers to gain access to the compromised PC. If an infection has taken place, the worm communicates back to the point of origin to let it know a new PC has been hacked. The worm sender could then initiate data theft from this PC.
Please visit the link provided for the complete story.
I guess the word of caution here should be that you never click anything that comes in an email whose sender you don't know. When I had my email account with WebTV, it was not uncommon to get spam from myself or others in my address book. Fortunately, WebTV is immune to malware. I haven't had any such experiences with my computer.
Computer virus experts at Sophos have identified that a new mass-mailing worm may have a link to a university based in South Korea.
The W32/Baba worm distributes itself via email claiming to be an mail delivery error message, but if users click on the attached file the virus will infect the PC and try to forward itself to other email addresses found on the computer.
Hidden inside the worm are the phrases "SoonChunHyang" and "Bucheon", which do not get displayed. The text references the SoonChunHyang University located in Bucheon, South Korea.
"It's curious that the author of this virus has hidden these phrases deep within his code," said Graham Cluley, senior technology consultant for Sophos. "In the past, virus writers have found it hard not to leave messages inside their code - often revealing clues as to the possible origin of their creations. Regardless of the reason why the virus writer did this, all computer users should ensure they are protected against the latest email threats."
Although some anti-virus vendors reported that this virus was a variant of the Netsky worm, it bears no relation to that family of worms.
Source: www.sophos.com...
The W32/Baba worm distributes itself via email claiming to be an mail delivery error message, but if users click on the attached file the virus will infect the PC and try to forward itself to other email addresses found on the computer.
Hidden inside the worm are the phrases "SoonChunHyang" and "Bucheon", which do not get displayed. The text references the SoonChunHyang University located in Bucheon, South Korea.
"It's curious that the author of this virus has hidden these phrases deep within his code," said Graham Cluley, senior technology consultant for Sophos. "In the past, virus writers have found it hard not to leave messages inside their code - often revealing clues as to the possible origin of their creations. Regardless of the reason why the virus writer did this, all computer users should ensure they are protected against the latest email threats."
Although some anti-virus vendors reported that this virus was a variant of the Netsky worm, it bears no relation to that family of worms.
Source: www.sophos.com...
The best advice for this one is to have a real virus scanner and current DAT files. This virus was discovered in October 04 so if you have say McAfee
or Norton with current DAT files you don't really have much to be worried about.
If you don't have current DATs well... this is probably the least of what you have on your system.
Right click your virus scanner's icon in the system tray (near the little clock) and look at the properties, it will tell you when your files were last updated. If the date is more than like a week old, you may have a problem.
EDIT: Oops didn't see this was Baba.C. Baba.A was around in October. Well my McAfee is now last updated 1/19/05 most likely to reflect this, so it goes to prove my point about keeping updated. You'll save yourself lots of money and time!! Incidentally, AOL 9.0 now has McAfee packaged with it for free, so there's less excuses to not have current files. Do it.
[edit on 1-19-2005 by Djarums]
If you don't have current DATs well... this is probably the least of what you have on your system.
Right click your virus scanner's icon in the system tray (near the little clock) and look at the properties, it will tell you when your files were last updated. If the date is more than like a week old, you may have a problem.
EDIT: Oops didn't see this was Baba.C. Baba.A was around in October. Well my McAfee is now last updated 1/19/05 most likely to reflect this, so it goes to prove my point about keeping updated. You'll save yourself lots of money and time!! Incidentally, AOL 9.0 now has McAfee packaged with it for free, so there's less excuses to not have current files. Do it.
[edit on 1-19-2005 by Djarums]
I check for new virus definitions from Norton daily and virtually daily there is a file to download. Anyone who doesn't run a good anti-virus
software and a firewall is crazy, in my book.
new topics
-
Meadows, Giuliani Among 11 Indicted in Arizona in Latest 2020 Election Subversion Case
Mainstream News: 31 minutes ago -
Massachusetts Drag Queen Leads Young Kids in Free Palestine Chant
Social Issues and Civil Unrest: 46 minutes ago -
Weinstein's conviction overturned
Mainstream News: 2 hours ago -
Supreme Court Oral Arguments 4.25.2024 - Are PRESIDENTS IMMUNE From Later Being Prosecuted.
Above Politics: 3 hours ago -
Krystalnacht on today's most elite Universities?
Social Issues and Civil Unrest: 3 hours ago -
Chris Christie Wishes Death Upon Trump and Ramaswamy
Politicians & People: 4 hours ago -
University of Texas Instantly Shuts Down Anti Israel Protests
Education and Media: 6 hours ago -
Any one suspicious of fever promotions events, major investor Goldman Sachs card only.
The Gray Area: 8 hours ago
top topics
-
VP's Secret Service agent brawls with other agents at Andrews
Mainstream News: 17 hours ago, 11 flags -
Krystalnacht on today's most elite Universities?
Social Issues and Civil Unrest: 3 hours ago, 7 flags -
Weinstein's conviction overturned
Mainstream News: 2 hours ago, 6 flags -
Electrical tricks for saving money
Education and Media: 16 hours ago, 5 flags -
Supreme Court Oral Arguments 4.25.2024 - Are PRESIDENTS IMMUNE From Later Being Prosecuted.
Above Politics: 3 hours ago, 5 flags -
University of Texas Instantly Shuts Down Anti Israel Protests
Education and Media: 6 hours ago, 3 flags -
Massachusetts Drag Queen Leads Young Kids in Free Palestine Chant
Social Issues and Civil Unrest: 46 minutes ago, 2 flags -
Any one suspicious of fever promotions events, major investor Goldman Sachs card only.
The Gray Area: 8 hours ago, 2 flags -
Chris Christie Wishes Death Upon Trump and Ramaswamy
Politicians & People: 4 hours ago, 1 flags -
God's Righteousness is Greater than Our Wrath
Religion, Faith, And Theology: 12 hours ago, 1 flags
0