someone sent me a virus/worm



Thread: someone sent me a virus/worm

  1. #1
    Join Date
    Dec 2000
    Location
    Panorama, CA, USA
    Posts
    1,053

    someone sent me a virus/worm

    someone sent me an email titled:

    "re That movie" with an application.pif attachment ....no problem, I'm always in Linux anyway, but here was my reply:

    It appears that you have sent a virus or worm to me as an attachment to an
    email titled "re That Movie". I am not affected because I use the Linux
    operating system. I am sending you this return email as a courtesy to let you
    know. You may not even be aware that your system is sending out these
    emails.
    CMonster says, "You can't choose the right OS if you don't have a choice."

  2. #2
    Join Date
    Jul 2002
    Location
    Colorado USA
    Posts
    3,070

    Re: someone sent me a virus/worm

    Originally posted by CMonster
    someone sent me an email titled:

    "re That movie" with an application.pif attachment ....no problem, I'm always in Linux anyway, but here was my reply:
    nice very nice
    Some of my favorite links

    search engine's
    G4L & JL forum search
    one of the best Debian based distro's for new hardware
    registered Linux user # 288225

  3. #3
    Join Date
    Dec 1999
    Location
    Clinton WI
    Posts
    327
    Looks like the new SoBig. FYI, the new SoBig uses a false return address that it gets off of its victim's computer, so the person that your mail client said the message was from was not really the person who sent it.
    UT, Tactical Ops alias: DrStrangluv

  4. #4
    Join Date
    Apr 2001
    Location
    SF Bay Area, CA
    Posts
    14,936
    Anybody know if email worm writers have figured out how to spoof the routing headers yet? If not (and I don't think they have), you could always use that info to narrow down the person that it did actually come from...

    But yeah, this is SoBig. We've gotten about five hundred of them at work since early Thursday morning. Interestingly, every single one was to one of two addresses; nobody else was getting it. Of course, it was stopped at the mail gateway, so no harm done, but it sure is annoying.

    My sister also complained to me yesterday: "I'm getting a whole crapload of these cheesy emails! What are they?" After I told her "you're in some idiot's inbox or address book, and they were dumb enough to run the attachment when they first got it", she says "OK, so how do I stop it?" Boy, I wish I knew...
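
Added example (not part of any post in this thread): the routing-header idea from the two posts above, as a Python sketch that ignores the forged From: line and reports the first outside host recorded by a mail server you run. The message, host names and address ranges are constructed, and `TRUSTED_MTAS` / `TRUSTED_NETS` are assumptions standing in for your own gateways.

```python
import email
import ipaddress
import re

# Constructed sample message; addresses come from documentation ranges.
SAMPLE = """\
Received: from mx.example.org (mx.example.org [192.0.2.10])
\tby mail.example.org with ESMTP id A1; Fri, 22 Aug 2003 09:14:07 -0700
Received: from dialup-17.isp.example (dialup-17.isp.example [203.0.113.77])
\tby mx.example.org with SMTP id B2; Fri, 22 Aug 2003 09:14:05 -0700
Received: from friend-pc (mail.friend.example [198.51.100.5])
\tby dialup-17.isp.example with SMTP; Fri, 22 Aug 2003 09:13:59 -0700
From: friend@friend.example
To: me@example.org
Subject: Re: That movie

See the attached file for details
"""

TRUSTED_MTAS = {"mail.example.org", "mx.example.org"}  # assumed: servers we run
TRUSTED_NETS = [ipaddress.ip_network("192.0.2.0/24")]  # assumed: our own network

FROM_RE = re.compile(r"from\s+(\S+)\s+\(.*?\[([0-9A-Fa-f.:]+)\]\)", re.S)
BY_RE = re.compile(r"\sby\s+(\S+)")

def first_external_hop(raw):
    """Return the outside host that handed the message to our servers, or None."""
    msg = email.message_from_string(raw)
    # Received headers are prepended, so the newest (most trustworthy) comes first.
    for hdr in msg.get_all("Received", []):
        by = BY_RE.search(hdr)
        frm = FROM_RE.search(hdr)
        if not by or by.group(1).lower() not in TRUSTED_MTAS:
            break  # written by a host we do not control: forgeable from here down
        if not frm:
            continue
        ip = ipaddress.ip_address(frm.group(2))
        if not any(ip in net for net in TRUSTED_NETS):
            return {"ip": str(ip), "helo": frm.group(1),
                    "recorded_by": by.group(1), "claimed_from": msg["From"]}
    return None

if __name__ == "__main__":
    print(first_external_hop(SAMPLE))
```

The bottom Received line and the From: header are supplied by the sending machine, which is why the function stops at the last header stamped by a trusted server.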

  5. #5
    Join Date
    Nov 2002
    Location
    Pennsylvania, USA
    Posts
    171
    Isn't running Linux so much nicer than Windows when it comes to the majority of viruses & trojans - like one of the last ones (MSBlast) which only affects Windows 2000 & XP?

  6. #6
    Join Date
    Dec 2002
    Location
    127.0.0.1
    Posts
    165
    Originally posted by bones996
    like one of the last ones (MSBlast) which only affects windows 2000 & XP
    Doesn't affect my computers, data speaking, but I still feel the effects of the worms and trojans. Apache log files filling up, iptables log files filling up, internet connection slowing down (especially Code Red and Nimda). First two can be fixed numerous ways but until people patch their machines there's no real way to fix number 3.

  7. #7
    Join Date
    Apr 2002
    Location
    Canada
    Posts
    82
    What I don't understand is why do people open e-mails from people that they do not know?

  8. #8
    Join Date
    Jan 2003
    Location
    Ontario, Canada
    Posts
    310
    Because the emails come from people they do know. That's the problem.

  9. #9
    Join Date
    May 2002
    Location
    Philippines
    Posts
    1,377
    I've been getting automatic reply messages of failed sending of an email (w/ a virus) with my email address on it... now how did that get there?? Could my email address be spoofed? 'Cause I don't think sylpheed/evolution could be sending out those things.
    "SEARCH FIRST... ASK SECOND" -mdwatts-

  10. #10
    Join Date
    Apr 2002
    Location
    Canada
    Posts
    82
    I know they come from people they know. But why do these friends send it to their friends?

  11. #11
    Join Date
    Sep 2000
    Location
    So. Cal
    Posts
    652
    Originally posted by rwtoften
    I know they come from people they know. But why do these friends send it to their friends?
    Here's how modern Outlook viruses work.

    The first virus is sent to multiple people in hopes that at least one will open it and run the attachment. Once this happens, the virus will send itself to everyone in the affected user's address book. As the virus is coming from someone that the user knows, they throw all caution to the wind and open it. Wash, rinse, repeat.

    All it takes is one person to infect the world.

    Makes for an interesting social experiment

  12. #12
    Join Date
    Sep 2002
    Posts
    218
    bwkaz, they figured it out a while back; I think with the Love Bug they had it figured out.

    The problem, though, is that the ISPs kept their spool files and didn't pass it on to the email headers; that's how they figured out who it was.

    SoBig, though, has a definite trail; the trail is just so huge, though, it's like 100 farmers dropping off train cars full of hay, and sorting out each needle through about 500 tons of hay.
    Specs:
    Dually Opteron 246's
    1GB DDRDRAM (400)
    OS - Gentoo 1.4 KDE 2.6 test9 64-bit kernel
    games - UT2k3, Q3A, SSE/2, RtCw,UT, Tribes 2, Homeworld - natively

    Under Wine - HalfLife, Homeworld Cataclysm, Max Payne

    Registered user 292384

  13. #13
    Join Date
    Apr 2002
    Location
    Canada
    Posts
    82
    Well, I guess people can't resist opening mail that they have no clue as to who really sent it! In my case, if you haven't told me personally that you're sending it, it gets friggin trashed, no questions asked!

  14. #14
    Join Date
    Sep 2002
    Posts
    218
    One more reason to convert people to Linux though.

    I am free to open up any Klez, SoBig, or Blaster emails I want.

    In fact I have seen a lot of reports that Symantec prefers to take viruses on a Linux machine and then simulate a Windows environment; I hear it's the most effective way to reverse engineer a worm.

    Silly Windows people...so vulnerable, like little children.

    Yet I'm sure that if Linux was the majority people would write worms for it instead.

    Funny thing is though, it would do absolutely nothing to a root account

    A properly used Linux system is always far more secure, maybe not your files, but your system is pretty much guaranteed to be ok.
    Specs:
    Dually Opteron 246's
    1GB DDRDRAM (400)
    OS - Gentoo 1.4 KDE 2.6 test9 64-bit kernel
    games - UT2k3, Q3A, SSE/2, RtCw,UT, Tribes 2, Homeworld - natively

    Under Wine - HalfLife, Homeworld Cataclysm, Max Payne

    Registered user 292384

  15. #15
    Join Date
    Sep 2000
    Location
    So. Cal
    Posts
    652
    A properly used Linux system is always far more secure, maybe not your files, but your system is pretty much guaranteed to be ok.
    A properly used Windows system is always far more secure, maybe not your files, but your system is pretty much guaranteed to be ok.

