Steve: I receive 2 e-mails today from : Mail Delivery Subsystem [EMAIL PROTECTED] Subject: Returned mail: Service unavailable The attachments are: ATT00005.DAT, movie.msg Each e-mail had 2 attachments, since I did not send any e-mails, I became suspicious and downloaded (but did not open) the files to a temporary directory. I scanned the files with McAfee and it indicated that they had the W32/[EMAIL PROTECTED] I understnd this virus creates its own SMTP, hijacks your address book and sends infected files to names in your address book. In most list it has upgraded to Medium Severity. Javier,
Javier Valencia, PE President Valencia Technology Group, L.L.C. 14315 S. Twilight Ln, Suite #14 Olathe, Kansas 66962-4578 Office (913)829-0888 Fax (913)649-2904 Cell (913)915-3137 -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of J. Stephen Wills Sent: Thursday, June 26, 2003 11:15 AM To: RBASE-L Mailing List Subject: [RBASE-L] - Fw: new virus Guys, as best I see this at the moment, it is really a new means of attack by a previously existing virus. It is embedded in a ZIP file, which most of tend to know and trust ; so, be careful. Update your virus files, if necessary. Also, the links below can provide more details, if you need 'em. Later, Steve ----- Original Message ----- From: "Liliana Moisa" <[EMAIL PROTECTED]> To: "LSP" <[EMAIL PROTECTED]> Sent: Thursday, June 26, 2003 10:25 AM Subject: new virus > > FYI > > Liliana Moisa > > ===================== > > SOBIG-E INTRODUCES NEW MEANS OF ATTACK? | SearchSecurity.com > The fifth variant of the Sobig worm spreads as a ZIP file, a means of > attack that could sidestep many virus scanners, experts said. > http://www.searchsecurity.com/originalContent/0,289142,sid14_gci911988,00.ht ml > > NEW SOBIG VARIANT SPREADING RAPIDLY | SearchSecurity.com > The spread of the Sobig-E worm has increased rapidly this morning, > leading most antivirus vendors to elevate it to a high risk. Sobig-E > arrives as a Zip file, a technique that could enable the worm to > elude antivirus scanners. > http://www.searchsecurity.com/originalContent/0,289142,sid14_gci911977,00.ht ml > > >
