new virus threat: watch your shit. - X Nations
      
      
Go Back   X Nations > X Nations > General Webmaster Business and Discussions

Reply
 
Thread Tools Display Modes
Old 01-27-2004, 05:48 AM   #1
iroc409
iroc409 should edit this
Defender of the Empire.
 
Join Date: May 2003
Location: midwest side, yo
Posts: 62
xBucks: 613
Send a message via ICQ to iroc409
Default new virus threat: watch your shit.

in case you haven't heard, there's a new virus in town that's spreading pretty bad through email.

i got a couple mails from it today, one of them came from one of my sponsors, and another to the same addy, so i imagine they got hit.

hopefully i'm not sending my clients a bunch of these emails, it does it automatically, but i ran a thorough scan and didn't open the attachments and everything looks clean, so i'll hope.

has a pretty bad back door security hole tho.

good info about it if you want to read more:

http://securityresponse.symantec.com...varg.a@mm.html
__________________
<a href="http://www.iroc409.com/"><img src="http://www.iroc409.com/adv/120x60.gif" border=0></a>


icq: 1 7 6 4 2 0 9 6 0
Gallery templates for ONLY $25! w00t!
iroc409 is offline   Reply With Quote
Old 01-27-2004, 07:26 PM   #2
wsjb78
wsjb78 should edit this
Local Shadow Agent #1
 
wsjb78's Avatar
 
Join Date: Nov 2002
Location: Home
Posts: 1,061
xBucks: 16,992
Default

I don't think your sponsor got the email... I bet just fake sender and reply-to addresses were used...
Same happens to me also... I get undelievered mail messages because someone makes it appear that I sent out the worm.
wsjb78 is offline   Reply With Quote
Old 01-28-2004, 06:55 AM   #3
iroc409
iroc409 should edit this
Defender of the Empire.
 
Join Date: May 2003
Location: midwest side, yo
Posts: 62
xBucks: 613
Send a message via ICQ to iroc409
Default

that very well could be, i got a couple of those "non deliverable mail" messages.

however i'm sure the email address i received it on is what the sponsor has on file, and i hardly ever have used the address (except for a couple places _several_ months ago, so very few people/lists actually have it).

so, it may or may not be them sending it, but i won't hold it against them, these things happen. that's why i protect my own ass in these cases, lol. virii i do not catch easily.
__________________
<a href="http://www.iroc409.com/"><img src="http://www.iroc409.com/adv/120x60.gif" border=0></a>


icq: 1 7 6 4 2 0 9 6 0
Gallery templates for ONLY $25! w00t!
iroc409 is offline   Reply With Quote
Old 01-28-2004, 11:15 AM   #4
Bratt
Bratt should edit this
Bratt's Links
 
Bratt's Avatar
 
Join Date: Feb 2003
Location: Florida
Posts: 156
xBucks: 4,180
Send a message via ICQ to Bratt
Default

i have been getting a bunch of the 'undeliverable mail' emails the last few days... as well as alot of the ones with attachments. As a rule, I don't open any attachments unless I know the sender and then i scan it first.
__________________
Bratts Links - XXX Adult Links
Bratt is offline   Reply With Quote
Old 01-28-2004, 12:44 PM   #5
wsjb78
wsjb78 should edit this
Local Shadow Agent #1
 
wsjb78's Avatar
 
Join Date: Nov 2002
Location: Home
Posts: 1,061
xBucks: 16,992
Default

You have just to be careful on what attachments to open...

e.g. no .src / .bat / .exe / ... and .doc / .xls could contain visual basic code...

Furthermore I would recommend you to always display the file extension:

1.) Open Explorer
2.) Click on "View" and then select "Folder Options"
3.) Select the "View" tab. The one between "General" and "File Types"
4.) Disable the option "Hide file extension for known file types."
wsjb78 is offline   Reply With Quote
Old 01-28-2004, 11:52 PM   #6
iroc409
iroc409 should edit this
Defender of the Empire.
 
Join Date: May 2003
Location: midwest side, yo
Posts: 62
xBucks: 613
Send a message via ICQ to iroc409
Default

i believe this virus uses a .pif extention, or something like that. it's _generally_ not a standard extension.

i think the one i rec'd was a .pif.
__________________
<a href="http://www.iroc409.com/"><img src="http://www.iroc409.com/adv/120x60.gif" border=0></a>


icq: 1 7 6 4 2 0 9 6 0
Gallery templates for ONLY $25! w00t!
iroc409 is offline   Reply With Quote
Old 01-29-2004, 03:54 AM   #7
wsjb78
wsjb78 should edit this
Local Shadow Agent #1
 
wsjb78's Avatar
 
Join Date: Nov 2002
Location: Home
Posts: 1,061
xBucks: 16,992
Default

Well, .pif is still recognized by the system as known file type extension and hence if your receive a filename.txt.pif file you will only see "filename.txt"
wsjb78 is offline   Reply With Quote
Old 01-29-2004, 03:20 PM   #8
iroc409
iroc409 should edit this
Defender of the Empire.
 
Join Date: May 2003
Location: midwest side, yo
Posts: 62
xBucks: 613
Send a message via ICQ to iroc409
Default

Quote:
Originally posted by wsjb78
Well, .pif is still recognized by the system as known file type extension and hence if your receive a filename.txt.pif file you will only see "filename.txt"

ahh... cools. i never use .pif files, so i didn't know that

but i always set up systems immediately on install to show all files and not hide file extensions...
__________________
<a href="http://www.iroc409.com/"><img src="http://www.iroc409.com/adv/120x60.gif" border=0></a>


icq: 1 7 6 4 2 0 9 6 0
Gallery templates for ONLY $25! w00t!
iroc409 is offline   Reply With Quote
Old 01-29-2004, 03:25 PM   #9
Bratt
Bratt should edit this
Bratt's Links
 
Bratt's Avatar
 
Join Date: Feb 2003
Location: Florida
Posts: 156
xBucks: 4,180
Send a message via ICQ to Bratt
Default

Here is a little more I found about the MyDoom virus



http://securityresponse.symantec.com...varg.a@mm.html
__________________
Bratts Links - XXX Adult Links
Bratt is offline   Reply With Quote
Old 01-29-2004, 03:37 PM   #10
XxXotic
XxXotic should edit this
Jesus Saves!
 
XxXotic's Avatar
 
Join Date: Aug 2002
Location: yo panties!
Posts: 395
xBucks: 3,253
Send a message via ICQ to XxXotic Send a message via AIM to XxXotic Send a message via Yahoo to XxXotic
Default

i was wondering why all these virii were getting through and noticed my nortons had expired, so i updated it, found like 45 java exploit trojans on my PC and now anything trying to get in my box nortons nukes again... thank god for nortons
__________________
Make More Money Then A Hug Salesman in Retard Town With Rage Cash
Sites So Hot You'll Sweat Harder Then R Kelly At A Girl Scout Meeting!
iCQ:135.887013
XxXotic is offline   Reply With Quote
Old 01-29-2004, 03:38 PM   #11
XxXotic
XxXotic should edit this
Jesus Saves!
 
XxXotic's Avatar
 
Join Date: Aug 2002
Location: yo panties!
Posts: 395
xBucks: 3,253
Send a message via ICQ to XxXotic Send a message via AIM to XxXotic Send a message via Yahoo to XxXotic
Default

oh, and for anyone who doesnt have a virus scanner, http://housecall.trendmicro.com/ use that, it's one of the best free scanners on available.
__________________
Make More Money Then A Hug Salesman in Retard Town With Rage Cash
Sites So Hot You'll Sweat Harder Then R Kelly At A Girl Scout Meeting!
iCQ:135.887013
XxXotic is offline   Reply With Quote
Old 01-30-2004, 02:36 PM   #12
theS2O
theS2O should edit this
Member
 
theS2O's Avatar
 
Join Date: Dec 2003
Location: studio
Posts: 35
xBucks: 285
Send a message via ICQ to theS2O
Default

Quote:
Originally posted by Bratt
i have been getting a bunch of the 'undeliverable mail' emails the last few days... as well as alot of the ones with attachments. As a rule, I don't open any attachments unless I know the sender and then i scan it first.
same here. got a bunch of emails, undeliverable, etc just for today... it's kinda scary coz it's just keep on coming in almost every 10 mins...
__________________
<font face="verdana"><font size="1"><b>icq: 280646555
theS2O is offline   Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is On
Forum Jump

Powered by vBulletin® Version 3.7.3
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
vBCredits v1.4 Copyright ©2007 - 2008, PixelFX Studios
2013 - xnations.com
All times are GMT -4. The time now is 09:42 PM.
Skin by vBCore.com