Virused E-mails

[catbirdseat]

How many did you get today? I got 14. Whoopee!

[Fejas]

# = 0

[iain]

This is the third person I have come across who has said they are getting flooded with new viruses. Must be a new bug out there.

[catbirdseat]

I'm getting e-mails from people I don't know. Spammers have huge lists of addresses. If they get hit, there's bound to be a lot of infected messages going out.

[gapertimmy]

yeah if you recieve a .zip file as an attachment, stear clear, unless you are expecting and trust the source.

[Figger_Eight]

I believe it's a virus that get's resent to people in the affected persons contact list, so it might actually come from someone you know.

[catbirdseat]

Yeah, so there is no point of sending a reply saying, "I think your computer is infected".

[Dru]

news story about new virus

[catbirdseat]

Now I've started to get Delivery Failure Notification messages. I think this means that someone who has me on their address book got the virus which sent a message to a bad address using my return address. The server sends me the notification based on the phony return address rather than the infected computer.

[chucK]

CBS,

I think those "failed delivery" messages are copies of the virus being sent to you in hopes you'll click the attachment to see what the message was that you sent.

 

What's the deal with this "banned CD that the government doesn't want you to see?" spam that has all the random words in it? I guess those random words must be meant to fool the spam filters?

[CascadeClimber]

CBS is right about the source of the bounce messages. The sending address on infected messages is almost always forged now. Getting a bounce notification just means that the infected message bounced and it had your addresses forged on it.

 

The list of words is added to spam to fool filters. It depressingly effective.

 

-L

[catbirdseat]

CBS,

I think those "failed delivery" messages are copies of the virus being sent to you in hopes you'll click the attachment to see what the message was that you sent.

There was no attachment. I think that the server really was the source of the message.

[iain]

You (and millions of other windows users) are a victim of the MyDoom worm which is pretty much taking over the internet these days. I wouldn't want to be the SCO webmaster the next few days.

[iain]

Link about the MyDoom/Novarg virus

[sobo]

All three of my company's offices (Seattle, Yakima, and Oly) got hit today. We had to shut down our email gateway until we got it sorted out. I personally did not get an infected email, but many others here did.

 

There should be a "lynch law" passed that sez that once we find the fuckers that write/release these virus thingies, we can just kill them, no questions asked. It's a total waste of GNP to fuck with this shit with an increasingly depressing regularity.

[cracked]

I got five infected emails, and while they mention a zip file in the text, there isn't any attachment as far as I can tell. Does it infect your computer as soon as you open it?

[Stonehead]

Microsoft has established a $5 million fund to pay rewards for information that leads to the arrest and conviction of individuals responsible for releasing malicious code.

web page

[iain]

Microsoft should put that money towards writing decent software that doesn't turn your PC into a total menace on the internet. The virus makers are lame but I blame Microsoft for crap technology on this one. Sorry to those folks who work in Redmond on this board (perhaps there are many) but come on.

[Stonehead]

I don't anything about writing code but I'd think that a convenience that's written in could also serve as an potential exploit. Are there any secure operating systems out there?

[iain]

they are only secure as the person who uses them, but perhaps the most secure available today is BSD. It has traditionally been used as a server platform, but it is currently the subsystem for Mac OS X client software. It is quite secure, though any applications (such as apache webserver, ftp, nfs, etc, need to be set up intelligently if they are to be used).

 

Obviously, Windows is a very nice target for hackers since it is so commonplace. As new systems become more popular, they too will be targeted, but Windows has been particularly bad. Any system where your web browser or email client can be used as a portal to execute other applications on your hard drive is pretty poor in my opinion. And it has happened repeatedly.

[badvoodoo]

Iain touches on a very important point here. While BSD, specifically OpenBSD, is truly an excellent OS, and one of the most secure, the average Joe's grandmother isn't going to know so much as how to insert the CD, let alone install it. Ask any hacker, and they'll tell you the weakest link to any system is the user. MyDoom/Novarg doesn't just launch itself as soon as you get your email; you have to open the email, which will typically show to be from a completely unknown sender, then run the attachment from said email manually. Windows spent so much time making their OS idiot-proof, but now it's biting them in the ass because their users really don't know what they're doing. With a little basic education, this virus would go nowhere.

 

Windows does definitely have a lot of ground to make up to be considered anything less than crawling with bugs, but education is just as important.