Looks like this is for real. I'm including information below.
Please let us know if you have any further questions.
Dave
The following information is from the Computer Incident Advisory
Capability and can be found at:
http://www.nha.com/ciac6165.html
___ __ __ _ ___ __ __ __ __ __
/ | /_\ / |\ | / \ | |_ /_
\___ __|__ / \ \___ | \| \__/ | |__ __/
Number 95-10 June 16, 1995
A Trojaned version of the popular, DOS file compression utility PKZIP
is circulating on the networks and on dial-up BBS systems. The
Trojaned files are PKZ300B.EXE and PKZ300B.ZIP. CIAC verified the
following warning from PKWARE:
- -------------------------------------------------------------------------
Some joker out there is distributing a file called PKZ300B.EXE and
PKZ300B.ZIP. This is NOT a version of PKZIP and will try to erase your
harddrive if you use it. The most recent version is 2.04G. Please
tell all your friends and favorite BBS stops about this hack.
Thank You.
Patrick Weeks Product Support PKWARE, Inc.
- -------------------------------------------------------------------------
PKZ300B.EXE appears to be a self extracting archive, but actually
attempts to format your hard drive. PKZ300B.ZIP is an archive, but the
extracted executable also attempts to format your hard drive. While
PKWARE indicated the Trojan is real, we have not talked to anyone who
has actually touched it. We have no reports of it being seen anywhere
in the DOE.
According to PKWARE, the only released versions of PKZIP are: 1.10,
1.93, 2.04c, 2.04e and 2.04g. All other versions currently circulating
on BBS's are hacks or fakes. The current version of PKZIP and PKUNZIP
is 2.04g.
FOTEC HAS MOVED - EFFECTIVE DEC 4, 1995 !!!!
Jim Hayes @ fotec,inc. the fiber optic test equipment company
jeh@fotec.com 151 mystic ave.
http://www.std.com/fotec medford,ma 02155-4615
ph:1-800-537-8254 (US,Canada) 617-396-6155 fax: 617-396-6395
Web Home Page: http://www.std.com/fotec
|