Log in

View Full Version : ALERT!!!!!!!! NEW EMAIL VIRUS FOUND TODAY! 1-26-04 ALERT!!!!!!!!!!!


JackTheTripper
01-26-2004, 11:36 PM
Be careful open attachements from people you don't know!

More info here.... http://vil.nai.com/vil/content/v_100983.htm

Janak Parekh
01-26-2004, 11:43 PM
Yup, I just got one, and got a bounce as my name was in the From: field. :( Fortunately, I read my mail on Linux, so I'm unlikely to run an attachment...

This is the beginning of zero-day worms, that is, worms that spread quickly within a few hours of "release" -- Symantec's page says "no details" for the worm so far. It's only going to get worse from here. Much worse. :|

--janak

JustinGTP
01-27-2004, 12:42 AM
What kind of kick do people get out of this type of stuff? Does it make them feel glad to destroy others computers? :evil:

The world is wierd that way :roll:

Dave Beauvais
01-27-2004, 02:51 AM
As an IT support person who often has to clean up after this crap, there is one thing that ticks me off more than anything else: over 95% of the most recent destructive viruses/viri would not cause anywhere near the damage they have if idiots would simply not open and run the damn attachments. I mean really... is that concept really so hard to grasp? Apparently so. I know there are novices out there who simply don't know any better, but with all the publicity this stuff has gotten even in mainstream media, I just don't understand why people still do it.

Steven Cedrone
01-27-2004, 02:56 AM
Yuck, three already tonight...

Steve

Jason Dunn
01-27-2004, 04:56 AM
...if idiots would simply not open and run the damn attachments...

Good email programs should block most attachments that can cause damage - at least, Outlook is good at that. :D What email programs are they using?

Janak Parekh
01-27-2004, 05:22 AM
Good email programs should block most attachments that can cause damage - at least, Outlook is good at that. :D What email programs are they using?
Probably Outlook or Outlook Express, either with an insecure (pre-SP2 Outlook 2000 or OE6 pre-SP1 or earlier) version or the blocks turned off. You'd be amazed how many people are addicted to running .exes in their email, like Flash attachments. :roll:

--janak

Dave Beauvais
01-27-2004, 07:55 AM
Probably Outlook or Outlook Express, either with an insecure (pre-SP2 Outlook 2000 or OE6 pre-SP1 or earlier) version or the blocks turned off. You'd be amazed how many people are addicted to running .exes in their email, like Flash attachments. :roll:
Worse. Eudora. I just started this job a couple weeks ago (Yay!) but have already become annoyed with the number of people who cling to Eudora and open every freaking thing that comes their way. We're trying to get all the Windows users to move to Outlook 2002, or even 2003 if they request it, but there are still many who use Eudora and don't want to change. All I can say is they'd better change their e-mail habits if they won't change clients...

aroma
01-27-2004, 02:01 PM
Be careful open attachements from people you don't know!

Really doesn't matter. Be careful opening attachments PERIOD. Doesn't matter if they come from someone you know or not. Too many of these viruses DO come from someone you know.

- Aaron

Steven Cedrone
01-27-2004, 02:16 PM
Really doesn't matter. Be careful opening attachments PERIOD. Doesn't matter if they come from someone you know or not. Too many of these viruses DO come from someone you know.

Very true, the worst part about this one: it can appear to be returned mail from you...

Full writeup on this one is available from Symantec here... (http://securityresponse.symantec.com/avcenter/venc/data/[email protected])

Steve

tanalasta
01-27-2004, 02:33 PM
Not another annoying worm :evil: Just updated my norton antivirus definitions.

Probably Outlook or Outlook Express, either with an insecure (pre-SP2 Outlook 2000 or OE6 pre-SP1 or earlier) version or the blocks turned off. You'd be amazed how many people are addicted to running .exes in their email, like Flash attachments

I use Outlook express 5 (I have an outdated celeron 433mhz running windows 98) and can't seem to find the security patch that allows me to block all executable attachments. If someone could help me out, I'd gladly update my system.

Reason I ask is that Norton picks up w32.klez in my parent's email inbox every couple of days.... and its only a matter time before an imbecilic member of my family accidently opens the file.

aroma
01-27-2004, 03:02 PM
So far, of the few hundred copies of this worm we received (prior to updating VS), we've discovered only one infection. One of the executives for one of out sub companies gets a copy of any bounced e-mail intended for their domain. (Don't ask me why he wants this punishment.) He received an e-mail, that he didn't know who it came from, and was address to an address that has NEVER been valid (so he didn't even know who it was intended for), and said, hey "I'll think I'll open this... and look, it has an attachment I think I'll open it too!" Then, after cleaning his computer, he asked if we were going to send out an e-mail instructing all our users not to open attachments... because oviously the DOZENS of e-mails we previously have sent out and he has received really made an impact! :)

- Aaron

denivan
01-27-2004, 11:48 PM
I use Outlook express 5 (I have an outdated celeron 433mhz running windows 98) and can't seem to find the security patch that allows me to block all executable attachments.

I think that when you upgrade to OE 6, attachment blocking is turned on by default.
Btw, at home I have a P4 2,4 , at work I use a celeren 366 with 384 Mb ram, speedy 40 GB hdd, running Win2k. I don't notice much
speed difference doing standard office work, so don't be ashamed about your PC :)

Janak Parekh
01-28-2004, 12:07 AM
I think that when you upgrade to OE 6, attachment blocking is turned on by default.
OE6 SP1. But it's terrible. It blocks everything, even useful stuff, so most people turn it off. :| Outlook is much better at this...

--janak

denivan
01-28-2004, 12:33 AM
OE6 SP1. But it's terrible. It blocks everything, even useful stuff, so most people turn it off. :| Outlook is much better at this...
--janak

Well, I don't use the blocking feature of Outlook, but my hosting provider (for my domain) blocks certain files, and I have no problem with this. It
helps to keep the internet a tiny bit cleaner, and if I want to get a file
by e-mail, I'll find a workaround.

As long as anyone can get on the internet without a drivers license, I think it should be enforced to not use attachments in e-mail. It boggles my mind that people don't use anti virus protection when all these fast spreading viruses are reported about on the news. People should consider that using the internet implies a certain amount of responsability, in the same way I can't understand how people can find the shortcut to 'solitaire', but are able to ignore the 'windows update' icon for years...

Sorry for the rant, just needed to vent my feelings, I work at an IT consultancy / problem solving company and on days like these I could pull my hair out after cleaning so much PC's and getting so much phone calls from people who seem to be unable to interpret a dialog box from Norton Anti Virus correctly :? ... at least it doesn't seem to be as bad as MS Blaster ;-)

Kind regards,

Ivan

ale2999
01-28-2004, 03:41 AM
I cant believe I actually got some too. norton was updated though and it detected it. No offense if you got 1, but what kind of ppl get viruses? as soon as i saw this I spam email all my friends, cuz they are all naive enought to open EVERY attachment sent. I hope that after last time they learnt the lesson!

PetiteFlower
01-28-2004, 08:58 AM
Crap my Norton subscription ran out 1/23, now I'll have to pay right away instead of putting it off :(

Anyway Tanalasta--Norton should clean Klez automatically upon detection at this point so your parents should never get a chance to open it. No worries :)

David Prahl
01-29-2004, 04:11 PM
NEW VARIANT IS OUT! New target is Microsoft.

http://www.wired.com/news/infostructure/0,1377,62082,00.html?tw=wn_tophead_6

Whoa! Hang on, Mr. Internet! There's a storm headed this way! 8O