[Dialogue] new virus to watch out for

Del Morrill delmorrill at hypnocenter.com
Fri Aug 5 14:47:17 EDT 2005


This came to me from a colleague - anyone else heard of this????

Del



New Virus. This has been checked out with Snopes.

WARNING

Ok this one has been checked out and is real. Go to the Snopes.com page and

check it out if you want to. So pay attention to this one folks. I'm not

sure if it will effect WebTV users or not so you are here as well. Ok that's

all folks.

Email with pictures of Osama Bin-Laden hanged are being sent and the moment

that you open these email's your computer will crash and you will not be

able to fix it!!!

This e-mail is being distributed through countries around the globe, but

mainly in the US and Israel.

Don't be inconsiderate; send this warning to whomever you know.


Confirmed at: http://www.snopes.com/computer/virus/osama.asp

Another link is here: http://www.truthorfiction.com/rumors/o/osama.htm

Origins: There are few headlines that would grab the attention of more

computer users around the world than "Osama bin Laden Captured," and that's

exactly what whoever created this lure was counting on to snare unsuspecting

victims who use Microsoft platforms.

"Osama bin Laden Captured" isn't a virus in itself; it's the text of a

message that includes a link to a file called EXPLOIT.EXE. When a message

recipient clicks on this link to view what he thinks are pictures of Osama

bin Laden's capture, he can end up downloading an executable Trojan known as

Backdoor-AZU, BKDR_LARSLP.A, Download.Trojan,

TrojanProxy.Win32.Small.b,or Win32.Slarp.< BR Clicking the embedded link in

the "Osama bin Laden Captured" message auto-executes a file called

"EXPLOIT.EXE," which exploits a known security hole to download the Trojan.

According to McAfee Security:

The Trojan opens a random port on the victim's machine. It sends the Port

information to a web page at IP address 66.139.77.145. The Trojan

listens on the open port for instructions and redirects traffic to other IP

addresses.

Spammers and hackers can take advantage of compromised systems by using

the infected computer as a middleman, allowing them to pass information

through it and remain anonymous. Microsoft has made available updates that

close the hole exploited by this Trojan.


A separate hit I got when checking this out, gave me several email topics to

avoid. That warning can be found here:

<http://techsupport.lausd.net/harmful_email.htm>

http://techsupport.lausd.net/harmful_email.htm



More information about the Dialogue mailing list