It looks like you're using an Ad Blocker.

Please white-list or disable AboveTopSecret.com in your ad-blocking tool.

Thank you.

 

Some features of ATS will be disabled while you continue to use an ad-blocker.

 

Virus warning.

page: 1
0

log in

join
share:

posted on Nov, 22 2005 @ 05:56 PM
link   
Just a heads up.
There is a worm being sent to E-mail in boxes.
Do not open e-mails with the following subjects:

Your Password
Registration Confirmation
smtp mail failed
Mail delivery failed
hi, ive a new mail address
You visit illegal websites
Your IP was logged
Paris Hilton & Nicole Richie

For more information visit, securityresponse.symantec.com




posted on Nov, 22 2005 @ 06:05 PM
link   
Oh Em Gee!!! My IP has been logged on over 30 illegal websites!! I dont wanna get in trouble, so Im gonna answer the questions provided and send it right back to the CIA!

I got 1 yesterday and 1 today in my ATS email, I was happy to help so i downloaded the zip, extracted File-packed_dataInfo.exe, and tried running it in Wine. I got nothin
.



$ wine ~/Sources/list/File-packed_dataInfo.exe
err:module:import_dll Library MSVBVM60.DLL not found
err:module:LdrInitializeThunk Main exe initialization for "File-packed_dataInfo.exe" failed, status c0000135


Damnit...I REALLY wanted to answer some questions and get on the CIA's good side. Stupid CIA not being Linux compliant.

[edit on 11-22-2005 by dreamlandmafia]



posted on Nov, 22 2005 @ 06:31 PM
link   
30? LMAO! must have some serious slackers working for them!



posted on Nov, 22 2005 @ 06:34 PM
link   
I've received at least 30 of these throughout the day. Thanks to Trend Micro all the attachments were deleted as they came in leaving only the ridiculous messages.

On an aside,
I've noticed a new trend in the Ebay phishing scams. They'll send you an email identical to what you receive when a potential bidder has a question.
They include "typical" questions such as "What's shipping to BFE?" or better yet, "I paid last week where is my purchase? If you don't respond I'll report you to Ebay", etc.

If you attempt to reply you are presented with an Ebay login page [fake].

Just FYI, this is a method I hadn't seen till just recently.

Safe surfing all!

[edit to include]
Here's the virus contained in the attchments I've received:
WORM_SOBER.AG

As of November 21, 2005 2:20 pm (Pacific Standard Time, GMT -8:00) TrendLabs has declared a Medium risk alert in order to control this new SOBER variant that is currently spreading in USA, Canada, Brazil, New Zealand, Belgium, and Germany.


[edit on 11/22/2005 by 12m8keall2c]



posted on Nov, 22 2005 @ 06:38 PM
link   
Thanks Umbrax, for the alert.
Got a Way above for ya..
just because you're looking out for us.



posted on Nov, 22 2005 @ 06:44 PM
link   
dreamlandmafia,

You might want to note the following:

This worm also displays the following fake error message in order to trick a user into thinking that the file did not properly execute:


It also displays the following message boxes:


It also seeks out and terminates the Windows Malicious Software Tool if present thereby making the infected system more vulnerable to further attacks and exploits.

Sorry DreamLandMafia ... I just noticed you're running Linux. Your safe with Linux as this variant seems to require MS Visual Basic libraries to deliver it's payload.

[edit on 11/22/2005 by 12m8keall2c]



posted on Nov, 22 2005 @ 06:46 PM
link   

Originally posted by 12m8keall2c
dreamlandmafia,
It also seeks out and terminates the Windows Malicious Software Toll if present thereby making the infected system more vulnerable to further attacks and exploits.



Note...im in Linux. Hence, Wine.

I was jokin around..cuz I know it couldnt do anything.

[edit on 11-22-2005 by dreamlandmafia]



posted on Nov, 22 2005 @ 07:45 PM
link   
errr I'm getting like 90 of these every other hour and have never opened a single one yet they persist. How can I get rid of them please ?

[edit on 22-11-2005 by ImJaded]



posted on Nov, 22 2005 @ 07:57 PM
link   
ImJaded, you need to configure your email to block or remove email that contains these file; vbs, .bat, .exe, .pif and .scr files.
Every email service is different, so look in your options/settings.


spacedoubt,
.



posted on Nov, 22 2005 @ 08:01 PM
link   
Oh, forgot to mention, it's just happening in hotmail. I usually just close the account and start a new one when i start getting spammed lol

Thanks Umbrax
good lookin out



posted on Nov, 22 2005 @ 08:08 PM
link   

Originally posted by Umbrax
ImJaded, you need to configure your email to block or remove email that contains these file; vbs, .bat, .exe, .pif and .scr files.
Every email service is different, so look in your options/settings.


spacedoubt,
.


Sober.X (this one) is transported in zip files.

I'd look at the incoming addresses (usually spoofed, like mine was Mail@cia.giv and Department@fbi.gov), and block them individually, or if its a domain you know you'd never get an email from, block the entire domain. That would significantly cut down on the number of emails you get.

If you're mail programs supports it, or if its an option in your spam filters, try and filter out all emails with the following subjects:

Ihr Passwort
Account Information (not so much this one maybe, it could get confused with an actual email, from like a forum)
SMTP Mail gescheitert
Mailzustellung wurde unterbrochen
Ermittlungsverfahren wurde eingeleitet
Sie besitzen Raubkopien
RTL: Wer wird Millionaer
Sehr geehrter Ebay-Kunde
Your Password (this one too)
Registration Confirmation
smtp mail failed
Mail delivery failed
hi, ive a new mail address
You visit illegal websites
Your IP was logged
Paris Hilton & Nicole Richie

[edit on 11-22-2005 by dreamlandmafia]

[edit on 11-22-2005 by dreamlandmafia]



posted on Nov, 22 2005 @ 08:28 PM
link   
My wife had 5 of these in her hotmail account today. What scares me is that she's not the most computer literate and is likely to open these. Thankfully I got to them first and deleted them. I don't EVER open an attachment from someone I don't know.



posted on Nov, 22 2005 @ 08:53 PM
link   
I like to do the same thing, DLM, on my mac. Download attachments or .exe's that I know have viruses then laugh as nothing happens.




posted on Nov, 22 2005 @ 09:30 PM
link   
Macs are outstanding if you want to make nothing happen...

jus kiddin!!! I have both, use both, repair both...etc, etc...



posted on Nov, 22 2005 @ 09:45 PM
link   
My friend knows a fellow librarian that used to have a Power Mac. All she had to do to confuse it was turn it on. She'd turn it on, and it would sit there thinking, and thinking, and thinking until she finally gave up on it and turned it off again.



posted on Nov, 24 2005 @ 03:30 PM
link   
A good friend of mine is a graphic arts instructor, and he used to keep a virus as his "pet", on a 3 1/2 floppy. Anyhow, he used Macs since he was in the graphic technology field, and when someone asked him about Mac vs. PC security, he would pull out a Windows 2000 machine, and a Mac machine, load the virus on both, and showed everyone which computer was infected, and which one wasn't. He gave me the demonstration once, I found it very interesting.



new topics

top topics



 
0

log in

join