Tag: virus

  • Mail Viruses Junk Spam Phishing and now Dark?

    Okay, I’ve seen a new term come across the horizon in the battle of the email inbox. First there were viruses, then junk mail, which became known as Spam, and then Phishing attacks; now we’re up to DarkMail. According to scmagazine, an IT security focused publication, the earmarks of darkmail are similar to junkmail but greater in volume. According to the article, one domain withstood 10 million messages in one day as the sender went alphabetically through addresses on the domain.
    (more…)

  • Suspicious Emails indirectly leading to virus infection

    According to the August 4th entry of the isc.sans.org handlers diary, there are some peculiar emails going around. They claim to be for an article claiming an explosion kills 140 in Iraq. It contains a link to a news article that has been altered from its original (140 instead of 14 for instance.) It also contains some nasty surprises for the visitor. There is an exploit that requires no user intervention. A cross-site scripting vulnerability (MS05-001) is exploited which runs ppp.hta from your hard drive, which creates a file called netlog.exe, which is launched by Media Player (??), which then retrieves a copy of win32sba.exe, which is the robobot backdoor.
    (more…)

  • Spam that I might actually respond to

    This is going to be uncategorized because it’s out of nowhere.

    You know, I’ve wondered many times “who actually bites” for the things advertised in junk mail. You know someone has to. About a year ago I read an article on someone that bit at a lot of the “great offers” he got in his junk mail. I usually don’t see as much junk mail in my inbox as I used to. (I run SpamAssassin and a virus filter on my Linux server.) Sometimes a bit slips in though. Tonight I saw one that I may have to follow through with for more details….
    (more…)

  • Phish down – finally

    Finally, I just checked and ~80 hours since my first emails the Bank of the West phishing site is finally down. (~32 hours since contacting the ISP and 8-10 hours since contacting Bank of the West.) I suspect the ISP probably is the one responsible as I’ve found 24-48 hour response time for ISPs with virus complaints. (Note to self, first round of complaints should probably go to ALL contacts that might be directly responsible: domain owners, ISP and even spoofed company.) I hate that it took so long, but I’m glad that it’s down. I feel like I actually have accomplished something with all the time I’ve spent on it this week. (more…)

  • How do I email lots of people without all their addresses showing up?

    OK, I’m prompted to post this because for the 2nd time this month I’ve received an “I’m changing my email address” message. In both cases, what appear to be 100-200 email addresses were all in the To: field and I cringed as I skimmed the list and found my more private address (that I usually don’t share) as one of them. (more…)

  • Virus Hoaxes are almost as bad as real viruses

    I suspect you’ve probably got a fair share of these; I know I pull my hair out every time I see someone forward one to their closest 400 friends and include me. Virus warnings. Viruses are something that I deal with cleaning up quite a bit and I guess people try to help, but most of the time circulated virus warnings through email are hoaxes. I have seen one in particular crop up every now and then that directs the user to find and delete a file on the drive which is actually a harmless file distributed with Windows.

    But how to tell the wheat from the chaff so to speak?
    (more…)

  • Sending Virus or Spam Abuse reports

    It occurred to me that I may not have brought things to a neat conclusion on the post earlier about tracking email header data. I did make reference to sending an abuse report. Here’s an attempt to clear up a few things that might still be fuzzy.
    (more…)

  • Modern Computer Viruses are almost NEVER from whom they claim to be from

    This is one that I’ve probably talked about before, but it’s worth rehashing because of a call I had this afternoon. A customer had been receiving phone calls and email messages from folks asking that he stop sending them a virus. Essentially all of the viruses were claiming to be from his email address and he was very concerned that his system had been compromised.

    (more…)

  • Old posts

    I’ve copied over several of the older posts from the ezcontents layout of the site. I think I’ll skip moving the “virus of the moment, watch out for….” posts. The ones that I’ve chosen are a bit more generic and can relate to many viruses. (The connection between spam and viruses for instance is as relevant today as it was when I first posted from all I can see…) The bugbear virus on the other hand, hopefully, is probably not relevant these days.

    For all the older posts I’ve tried to import them and preserve their original post date so as not to disrupt the flow of more current content. There is one recent post that I haven’t migrated on a recent site outage (due to the move of averyjparker.com to a new server which left mysql clueless until I figured out what it was missing.) I also hope to share the reason for a more recent outage (July 14-15th) in a few more days once all this is settled.

  • More on the virus/trojan front

    I have a couple new things to post. One, in my further investigation of the server logs, from the last big topic…. (read the entries below.) I’ve discovered at least one MAC, so this should be a warning that no one should take system security for granted. Likely someone has installed a rootkit of some sort on that machine, as I know of no virus or trojan that is cross-platform in its ability to be a spam helper.
    (more…)