Yeah, me too. I have had seven of these in the last three days. All from this list! The key thing to have is a good antivirus, either on the computer, or from the internet service provider. Great care is required at the moment, i have been getting the w32magister and the badtransB lately.
Later. S. At 20:24 28/11/2001 +1200, you wrote: >FYI... this information was posted on <nz.comp> today. > >I've had a rash of virus infected email from unsuspecting members of >these Lists, in the last 2 - 3 days. Microsoft email software users are >the most vulnerable, one reason why I use Pegasus, a very >professional NZ produced emailer. See http://pmail.com - it's free! > >NB: Version 4.01 is new and I'm not sure that it has settled down >yet. Versions 3.xx are available at ftp://risc.ua.edu. > >Cheers... Rex > > >------- Forwarded message follows ------- >Date sent: Wed, 28 Nov 2001 09:30:24 +1300 >From: "Markus Winter" <[EMAIL PROTECTED]> >Subject: We have a massive increase in virus-infected e-mails > >Hi all, > >We are currently seeing a massive increase in virus infected e-mails. >It is a virus which is designed to collect logins and passwords (ie >account information) and transmit them back to it's originator. >Furthermore the virus tends to change the return e-mail address to >make it more difficult for people to mail back and warn the sender. >For more information see: > >> [CNET]�"While Badtrans.B is not destructive, it does install a >> keylogger, a program that records what a person using the infected >> PC types and then sends the information to the virus writer's e-mail >> address. The key-logging program, known as Backdoor-NK.server, >> focuses specifically on four software functions that are used by >> programs to allow a person to enter a password, so it mainly records >> account information entered. [...] >> �" The virus uses a vulnerability in Microsoft's Internet Explorer >> 5.01 and 5.5 to automatically execute itself on PCs that don't have >> a patched Web browser. Opening the e-mail in a separate window or >> Outlook's preview pane will cause the worm to execute on unpatched >> machines." >> >> [Symantec]�"This worm arrives as an email with one of several >> attachment names and a combination of two appended extensions. The >> list of possible file names is: >> >> * HUMOR >> * DOCS >> * S3MSONG >> * ME_NUDE >> * CARD >> * SEARCHURL >> * YOU_ARE_FAT! >> * NEWS_DOC >> * IMAGES >> * PICS > >Best Regards >Markus >-- >Dr. Markus Winter >1st Floor, Room 15 >The Liggins Institute >University of Auckland >Private Bag 92019 >2-6 Park Avenue >Grafton >Auckland >New Zealand >Tel: 0064 (0)9 373 7599 (wait for message then extension) 3960 >Fax: 0064 (0)9 373 7497 mobile: 021 150 9621 >------- End of forwarded message ------- > > > >
