67  virus warning

 ARTICLE INDEX


Date: Mon, 9 Jul 2001 00:55:45 +0900
From: astrid <astrid@RUBY.PLALA.OR.JP>
Subject: virus warning

This is not about tango, but I think, whoever sent this most likely got my
name from the Tango-L.
If any of you get mail from ARIS with an attachment, don't open it. My
Norton system busted it, and after the scan I repaired the file, so I was
lucky this time.
Astrid



Date: Mon, 30 Jul 2001 13:53:20 -0500
From: Erica Sutton <ericaatwork@HOTMAIL.COM>
Subject: virus warning with tango header

Tango-L:

I am sending the warning because it hit my computer in mid-July when it
first surfaced. Because this virus can grab a file from someone's computer
and email it around, I received an virus email with the attachment entitled
"milongas" - !!! Can you believe it?!

So I clicked to try and open it up. Somehow, I don't know how, I was not
infected (maybe because I was reading my mail via Hotmail and not using
Outlook!) and did not think anything of it. Until reading the attached
story online today.

Just beware. It arribed in my office today via a client, but because I had
seen it 2 weeks earlier we were able to head it off - beautiful delete key!

I never expected to open a file that was a virus, I consider myself pretty
wary - but when the document was entitled "milongas" that it grabbed from
someone and sent to me, I natrually assumed someone really wanted my advice.
Arg!

Best wishes!

Erica
tango para todos
the chicago tango school
https://www.tangoparatodos.com


Friday July 27 04:21 PM EDT
Sircam Worm: Crawling Fast but Easily Crushed
By PC World
First detected in mid-July, The Sircam worm is replicating at a rapid rate,
say Internet security experts. It's likely you could have a version of it
sitting in your e-mail box right now.

(The Industry Standard)


Sircam is a tricky e-mail worm that's trying to wriggle its way into PCs all
over the world, but you can kill the cyber beast with one keystroke before
it can harm your system.

The Sircam worm, first detected in mid-July, is replicating at a rapid rate,
say Internet security experts. It's likely you could have a version of it
sitting in your e-mail box right now.

"It's not the worst, but it's one of the top ones," says Vincent Weafer,
director of the Symantec Anti-Virus Research Center. "On a 1-5 scale, it's
rated a 4. It's a global epidemic and it's certainly matching some of the
things we've seen like the Love Bug and Melissa. It's a very virulent virus
with global impact."

The Sircam worm arrives in an infected attachment to an e-mail message. The
e-mail text message comes in several slight variations, but here's a typical
example: "Hi how are you. I send this file in order to have your advice. See
you later. Thanks."

Use your delete button to get rid of this message (and the attachment, which
you shouldn't touch), the experts say. It's a good idea to delete any other
suspicious e-mail from anyone you don't know, especially if there's an
attachment.

If you don't, you're likely to send the worm squirming down another network
path, and find hassles on your hard drive as well. When you open an
attachment infected by Sircam, it worms its way into your Outlook address
book. The worm chooses a file on your own hard drive to infect and send it
as an attachment to its next correspondents. Then it trashes files on your
hard drive, and slows down your PC.

Solutions available

Antivirus vendors, of course, urge you to keep your virus definitions
current. All the major vendors have updated their programs to identify and
nullify the Sircam worm.

But if your PC is already infected, you can obtain a free tool to remove the
virus from your system from several computer security companies. Symantec is
providing a Sircam removal tool. Another tool is available from McAfee, at
its Avert antivirus center. Panda Software also provides a Sircam extraction
tool.

Every e-mail user has the power at their fingertips to stop Sircam and other
worms that arrive in online mail--by simply hitting the "delete" key. But
the originators of these worms are counting on e-mail recipients' curiosity
to override their common sense.

Hooked by the worm

Mary Huhn wishes she'd used her delete button sooner. Huhn writes the
"Surfer gURL" technology column for the New York Post. She received a Sircam
worm in an e-mail message a few days ago, and her PC soon began sending out
infected e-mail messages to people in her address list.

"It's awful. It's bad news," Huhn says. "I've never been caught by virus
before. I think that if I had one thing to say, it would be: 'If you are
getting e-mail from someone you haven't heard from in a long time or someone
you do not know, don't open any attachments.'"

The Sircam worm brings another threat--one of privacy invasion. PC World
contributing editor Steve Bass received an infected message from Huhn. He
didn't open the attachment, but he examined it closely enough to see that it
contains a confidential document that included another newspaper employee's
Social Security (news - web sites) number. Another infected e-mail to Bass
contained details of a confidential employment agreement.

This occurs because the Sircam worm takes an actual random file from the
hard drive of its recipient and converts it to an infected executable file
that will continue to spread the worm.

The e-mail messages "are from someone you may know and they are using
subject lines based on the document itself," says Symantec's Weafer. "People
have said they got confused over this and just clicked on it, to their own
detriment."






Date: Sat, 4 Aug 2001 12:25:31 EDT
From: Timothy Pogros <TimmyTango@AOL.COM>
Subject: anaother virus warning

this is a worm virus going around the Detroit and Cleveland area.
I'm sure it is going beyond that

DO NOT Down load any messages reading like the sample

Subj: PD AD REG


Date: Thu, 20 Dec 2001 15:02:44 -0500
From: "Irwin L. Singer" <singer@NRL.NAVY.MIL>
Subject: A real virus warning New worm W32/Maldal.c@MM information

A real virus warning from our computer security branch. Irwin

>>A mass-mailing Internet worm that purports to offer New Year greetings was
>>spreading rapidly Wednesday December 19th, and is rumored to be the big
>>Christmas virus that antivirus companies have been gearing up for. The worm
>>also known as:
>>
>> W32/Keyluc@MM
>> W32/Reeezak.A-mm
>> W32/Zacker@MM
>>
>>arrives with the subject header "Happy New Year" and contains a file
>>attachment entitled "christmas.exe." It uses familiar social engineering
>>tactics to entice recipients to double click on the attachment, before
>>mailing itself to the user's entire address book. Once the Christmas.exe
>>application is opened, the virus will attempt to delete significant portions
>>of the Windows operating system.
>>
>>Subject Line: "Happy New Year"
>>Message Text: Hi
>>I can't describe my feelings
>>But all i can say is
>>Happy New Year :)
>>bye
>>Attachment Named: Christmas.exe
>>
>>Please be on the look out for this worm and do not open the attachment. . .

See https://securityresponse.symantec.com/avcenter/vinfodb.html for more
information.


Continue to Rotating technique | ARTICLE INDEX