triumphs
[Top] [All Lists]

Re: Virus, no LBC & no PC Bashing!

To: Triumphs Mailing List <triumphs@autox.team.net>
Subject: Re: Virus, no LBC & no PC Bashing!
From: Pete & Aprille Chadwell <pandachadwell@mac.com>
Date: Wed, 26 Jun 2002 09:34:00 -0700
>  > In fact, even if the
>>  message actually came from the person whose name is attached, you
>>  still don't know if it is clean.  Many email viruses (viri?) send
>>  themselves by reading the address book of the infected machine.
>>  Someone you know may be contagious and not know it.
>
>This has happened to me.  I sh--canned the attachment immediately.  Could
>not figure out why Pat Washburn, respected member of the autox list and a
>personal friend, would be sending me a direct mail with 1) the subject line
>from a recent, legitimate, thread on the autox@autox.team.net list and 2)
>some kind of executable attachment.

Another beaytiful morning here in Central Oregon, and I received yet 
another weird message with attachment, which APPEARED to come from 
some automotive interest.

A buddy of mine who services PCs checked out the attachment for me, 
just for curiosity's sake, and determined that it was the infamous 
Klez worm. The text of the message was the same as yesterday's, but 
the filename was different. You gotta admit, those jerk-offs are 
clever! Thanks to Steven Newell and Randall Young for bringing me up 
to speed on how these things function.

So I think it's safe, having read this discussion, to conclude that 
someone who happens to subscribe to the Triumphs mailing list has 
encountered a Klez worm and actually ran the damned thing, infecting 
their machine. Since I subscribe, or because perhaps in the past I've 
had some direct communication with the infected party, the Klez worm 
has my address.

The cool thing is, my Macintosh represents ONE dead-end for that 
virus. It won't spread any further from here. Of course I realize 
that PC users can choose to be dead-ends for Klez if they'd kindly 
follow the fine advice offered on the list in this and many other 
related threads.

One other thing I'd like to point out is that, as I understand it, 
many of these e-mail viruses rely on Microsoft's Outtaluck or 
Outtaluck Distress (Outlook, Outlook Express) to distribute 
themselves. It would seem that one way to hedge against spreading 
these viruses is to turn away from Microsoft Outtaluck and use 
something like Eudora for your e-mail. As I understand it, most of 
these worms wouldn't know how to interact with Eudora. Perhaps I'm 
wrong on this point, but it seems logical.

-- 
Pete Chadwell
1973 TR6

///  triumphs@autox.team.net mailing list
///  To unsubscribe send a plain text message to majordomo@autox.team.net
///  with nothing in it but
///
///     unsubscribe triumphs
///
///  or try  http://www.team.net/cgi-bin/majorcool


<Prev in Thread] Current Thread [Next in Thread>