|
26 Jun 03 - 01:57 PM (#972835) Subject: Tech: new virus attachment From: fretless Received warning this AM about a new bug...as well as about a dozen messages witht the zip file/virus attached. Time to hit the delete button! The latest in a family of Sobig worms is loose on the Internet. Sobig.e (w32.sobig.e@mm) arrives by e-mail with an attached file and also spreads using shared network files. Unlike previous variations of Sobig, this one uses subject headings borrowed from Sobig.c and only one attached filename, making it somewhat easier to recognize. Sobig.e affects only Windows users. Once executed, however, Sobig.e will attempt to send copies of itself via its own SMTP engine. It will also attempt to download Trojan horse files from a Web site. Sobig.e is self-terminating and will spread only until July 14, 2003. Because Sobig.e spreads via e-mail and network share and may steal personal information such as passwords, this worm rates a 6 on the ZDNet Virus Meter |
|
26 Jun 03 - 01:59 PM (#972837) Subject: RE: Tech: new virus attachment From: McGrath of Harlow So if we make a point of not opening attachments can we relax about this one? |
|
26 Jun 03 - 02:05 PM (#972841) Subject: RE: Tech: new virus attachment From: fretless That's my understanding. The attachments come as zip files, and the nasty part of this one appears to be that it can steal addresses and arrive as a message from a familiar source. |
|
26 Jun 03 - 02:27 PM (#972851) Subject: RE: Tech: new virus attachment From: Geoff the Duck Here's a BLICKY to Symantec's virus warning page http://securityresponse.symantec.com/avcenter/venc/data/w32.sobig.e@mm.html. Quack! |
|
26 Jun 03 - 02:59 PM (#972868) Subject: RE: Tech: new virus attachment From: Geoff the Duck According to Symantec the virus to leaves a file named msrrf.dat on your C:\ drive. If you do a search and find the file present I presume you are infected. Likewise I assume that if the file isn't found your system is clean of this particular virus. GtD. |
|
26 Jun 03 - 03:00 PM (#972869) Subject: RE: Tech: new virus attachment From: SeanM Standard warning - only accept attachments from a trusted source whom you *know* is sending you the attachment, and even then only open it *after* you've run it through an updated virus scanner. M |
|
26 Jun 03 - 04:36 PM (#972908) Subject: RE: Tech: new virus attachment From: GUEST,jennifer I was dumbfounded to read on the Hotmail pages for "dealing with spam" the instructions "do not send attachments [to the spam reporting address] as we cannot open them, open the attachment and cut and paste the contents". Is this incredibly stupid or have I missed the point somewhere? Having gone through all their ideas I went back to just putting up with it. Jennifer |
|
26 Jun 03 - 04:45 PM (#972912) Subject: RE: Tech: new virus attachment From: Joe Offer Hi, Jennifer - They're right. Attachments are annoying, a problem to open, and risky. There's no reason you can't highlight the text of whatever, copy it, and paste it into the text of your e-mail message. I often get e-mails from people who forward other e-mails to me as attachments. I routinely delete them. If they're too lazy or not smart enough to know how to copy-paste, whatever they're sending me probably doesn't have much value, either. And they're probably not smart enough or careful enough to be able to avoid sending me a virus. -Joe Offer- |
|
26 Jun 03 - 05:54 PM (#972951) Subject: RE: Tech: new virus attachment From: Willie-O Um. Joe, I think what Jennifer thinks is stupid is if people interpret that instruction to mean "open the attachment that you think carries a virus", which is obviously not a good idea. Maybe what they really mean at Hotmail, and are not clear enough about is "don't send us attachments, period, because we are security-conscious like Joe and will just delete them." W-O |
|
26 Jun 03 - 06:11 PM (#972956) Subject: RE: Tech: new virus attachment From: Mr Red I'm with you Joe but - is there not an automated process whereby forwarded e-mails get encapsulated. May be a Unix app or mac or obscure PC app but when there are people who can argue that my site contains errors (as if!) while I argue those data are not on my site and they don't even know that when the visual syntax changes it ain't me ...... well it is no surprise that viruses spread. There is always A/V. Though I went looking for info on the Symantec site and spotted a blahblah@.dodab virus that effectively wiped Norton. leaves ya real confident - right? |
|
29 Jun 03 - 05:00 AM (#974164) Subject: RE: Tech: new virus attachment From: JennyO My viruscan automatically updates regularly, and a couple of weeks ago it picked up SobigA in my email and automatically deleted it. So I imagine it will pick up the new one. Still I'll be watching out. That virus you mentioned, Mr Red, sounds really horrible. How can it wipe Norton? Jenny |
|
29 Jun 03 - 01:55 PM (#974265) Subject: RE: Tech: new virus attachment From: treewind Spam and viruses aren't the same thing. Not that I'm suggesting that spam never contains a virus, so Hotmail's advice (if I've understood right) is very dangerous. But I think their intention is that you send them the text from stuff like HTML-formatted attachments (I get a lot of SPAM in HTML only). This is still really bad advice. Even opening an HTML message can create security problems, like silently sending your email address to a web site somewhere, or downloading a javascript that exploits a weakness in Outlook/OE. Anyway, if you want to report spam to someone who might be able to do anything about it they will need the headers, not the contents of the message. With a bit of luck, they show the route it's taken over the net. Mr Red - viruses that try to destroy AV programs have been around for many years. Nothing new about that. Anahata |
|
29 Jun 03 - 02:10 PM (#974269) Subject: RE: Tech: new virus attachment From: LesB I've been bombarded with e-mails containing W32 Bugbear D Virus. My BT account intercepts it and sorts it before telling me. Les |