May 27, 2005

Another new virus?

Perhaps we're being paranoid, but we've just received a couple of emails that look suspiciously like viruses. They purport to be the sort of thing that anyone administering a domain might well respond to: a notification of the suspension of an email account, and an online user violation report. Both come with ZIP attachments.

Perhaps they're not malware, but we'd be particularly careful about opening anything like that.

Posted by cw at May 27, 2005 03:29 PM

Comments

You're right, Charles - we got this virus on Monday. The subject line was (something to the effect of) "Your account has been suspended for security reasons", and the 'From' was from 'security@OurISPDomain.com.au'. It appeared authentic enough to fool our normally vigilant people! The virus was Win32.Mytob.GX.

All the virus sites say that the beast is not too bad - but that's not what happened for us. It did the following:

- Disabled McAfee antivirus
- Disabled M$ Anti-spyware Beta s/w
- Disabled AdAware

The notes for this virus mention that it also alters the LMHosts file and blocks access to the various anti-BLAH sites. Fortunately, we were able to clean the PeeCee after the infection as described. It's still chugging away after a fright.

Our beautiful DP G4 Macintosh kept on blissfully unaware of the problem - just ignored that pesky Win32 Malware code. Why do windoze users put up with it? I just don't understand it...

James

Posted by: James at May 27, 2005 08:35 PM

>why do windoze users put up with it? I just don't understand it...

Most of us just press the delete key. Surely there is nobody left who would open up an unsolicited zip file and extract and launch an executable file.

Posted by: Malcolm at May 28, 2005 01:08 AM

I got a snail mail version of something similar, saying my domain was up for renewal, blah blah blah. It came in a pretty fancy looking envelope with a colour letterhead from the American Domain Name Institute or something similarly official sounding. What it was actually offering me was the chance to register the .biz equivalent of the domain name I already owned, but if one didn't look carefully enough at it, one could easily have been forcefully scammed.

Posted by: Dan at May 29, 2005 10:54 AM

I received two emails of this type, both yesterday (30/05/05). With the first one, my virus software alerted me that the zip file contained a virus; the second one might have got through when the message was opened by another user (I forgot to warn them). The message was that my email account had been suspended for security reasons, more details in the attachment - which I opened.

I am usually extremely careful about opening attachments etc. but because the emails came from my ISP I was not concerned. The virus file was Win32.MyDoom... I have deleted it so cannot check.

Posted by: Suzanne at May 31, 2005 12:43 PM
