[ Hackerlink ] viriinews : WM97.ACM v0.2 (WM97.Nail)

Fri, 2 Apr 1999 04:38:47 -0500 

WM97.ACM v0.2 (WM97.Nail)
    
                                           April 02, 1999 - 03:08
      

 WM97.ACM v0.2 (WM97.Nail)

This is a new version of WM97.ACM in reply to the recent virus 'Melissa'
which has clearly been based on WM97.ACM v0.1. However, as with (almost)
all my viruses, I will not be releasing this virus in a form other than
as a known virus (ie, not to the unsuspecting public). This was clearly
a good choice with WM97.Nail, given the problems it has caused, and I
have decided to make  a similar decision with v0.2. The only real reason
for publishing  this code, is to prove:

 (a). The technology in 'Melissa' is not new, and has been done 
      before in WM97.Nail.
 (b). It is not only a problem with 'Outlook' but with the ActiveX 
      technology itself, of which I have written an article on.

 Features of WM97.Nail v0.2 include:

 Infection of the global template and other documents.
 Use of any MAPI compliant E-mail client to send the document (ie 
 Eudora, Netscape, Outlook etc) 
 Detection of 'Melissa' Random message and subject titles Changing 
 of the attachment name 
 Removal of the macro virus warning
 The code is no longer stored in an external template
 Sending of a random message from the users inbox to a known 
 address 
 Sending the infected document to all addresses in the users 
 address book via BCC
 Sending those addresses also to a known E-mail address

 It should be noted, that as with WM97.Nail v0.1, this macro virus 
 is not designed for Word 2000, nor do I intend to make it be, it 
 is merely another 'proof of concept' from the 'Virus Research & 
 Development Outlet'. As you can see, I have made no attempt to 
 hide the origin of this virus, and nor should I, for I have done 
 nothing wrong, I am making it well known that this is indeed a 
 'virus' and is for research purposes only, to show some of the 
 potential for such a virus. So I do not expect to have the Feds 
 knocking on my door.

 [EMAIL PROTECTED]
 http://www.sourceofkaos.com/homes/1nternal
 [hommie beliau mati ;(]


 catatan:
 nah loe nambah gawat khan ;p tinggal pine yang gak kena hehehe

  
                                              diupdate oleh : foxz

-- 
  system
[ spread the word ]


 
[ baru di onshop -> stampede linux, turbo linux 3.0.1, mandrake 5.3, ]
[ freebsd 3.5.1 , cheapbytes linux archives, cheapbytes rpm galore's ]
====================================================================== 
 berhenti  dari milis hackerlink : [EMAIL PROTECTED] 
 peraturan pada milis hackerlink :         [EMAIL PROTECTED]
 arsip milis ini : http://www.mail-archive.com/[email protected]

Kirim email ke