impressed. Unfortunately, the payload is glaringly obvious, so it's not
a perfect bit of skullduggery.
- Jim
Michael Dinowitz wrote:
>The virus is stealthing itself by using a previous post. That is, unless the
>virus is writing tech question postings which I kind of doubt.
>That would be cool though. A virus that scans the infected persons filters
>or addresses for certain key addresses or lists and then forms the virus
>text based on them. It would send CF sounding text if the person is on a CF
>list, sewing sounding text if they're on an sewing list, etc. The assumption
>would be that if a person is on a list of a specific type then the people in
>the address book will probably be of the same type and be more inclined to
>open a virus that if targeting their interests.
>An AI virus. cool
>
>
>
>
>>I got the same thing, subject line: FW: SQL Server full-text search
>>
>>with the following text:
>>
>>It's not just letters that cause the SQL Server error -- see question I
>>posed to MDCFUG list below -- any ideas...
>>---------------------------------
>>An using full-text search from Cold Fusion 5 against SQL P
>>
>>
>>containing the 'acrobat' file. weird.
>>
>>
>> ----- Original Message -----
>> From: Paul Ihrig
>> To: CF-Community
>> Sent: Friday, October 31, 2003 6:30 AM
>> Subject: RE: Strange virus email today
>>
>>
>> i got one
>> -----Original Message-----
>>
>> From: Arden Weiss [mailto:[EMAIL PROTECTED]
>>
>> Sent: Friday, October 31, 2003 12:57 AM
>>
>> Subject: More SQL Server date stuff...
>>
>> -----Original Message-----
>> From: Jim Campbell [mailto:[EMAIL PROTECTED]
>> Sent: Thursday, October 30, 2003 5:54 PM
>> To: CF-Community
>> Subject: Strange virus email today
>>
>> Has anyone else recieved something like this?
>>
>> ----------
>>
>> From: [EMAIL PROTECTED]
>> Subject: Use "LIKE" instead of "CONTAINS"
>> Body: To make it work correctly I had to use "LIKE" instead of
>> "CONTAINS" Not sure what good "CONTAINS" is with so many "Ignored
>>
>>
>words"
>
>
>> Anyhow the new query condition is as follows (note the LIKE command
>>
>>
>and
>
>
>> ----------
>>
>> It contained a .pif file (Acrobat1.bmp.pif), but it stood out since it
>> masquerades as an email I might get from a list like this or CF-Talk.
>> I'm on several other tech lists as well, but I wanted to give you all
>>
>>
>a
>
>
>> heads up to this one. It might be just another Outlook Address Book
>> virus, but FYI.
>>
>> - Jim
>>
>>
>>
>>
>>
>>
>
[Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings]
