Printable Version of Topic
Click here to view this topic in its original format
Celtic Radio Community > Retro Computers > Virus Alert!


Posted by: MDF3530 01-May-2004, 09:33 AM
If you get an email that says Osama bin Laden has been captured, DO NOT OPEN IT! It contains a Trojan horse!

Source: snopes.com
Virus name: Osama bin Laden Captured
Status: Real.
Example: [Collected on the Internet, 2004]

QUOTE
Subject: Osama bin Laden Captured

Hey, Just got this from CNN, Osama Bin Laden has been captured! A video and some pictures have been released. Go to the link below for pictures, I will update the page with the video as soon as I can.


Origins: There are few headlines that would grab the attention of more computer users around the world than "Osama bin Laden Captured," and that's exactly what whoever created this lure was counting on to snare unsuspecting victims who use Microsoft platforms.
"Osama bin Laden Captured" isn't a virus in itself; it's the text of a message that includes a link to a file called EXPLOIT.EXE. When a message recipient clicks on this link to view what he thinks are pictures of Osama bin Laden's capture, he can end up downloading an executable trojan known as Backdoor-AZU, BKDR_LARSLP.A, Download.Trojan, TrojanProxy.Win32.Small.b, or Win32.Slarp.

Clicking the embedded link in the "Osama bin Laden Captured" message auto-executes a file called "EXPLOIT.EXE," which exploits a known security hole to download the trojan.

According to McAfee Security:

The trojan opens a random port on the victim's machine. It sends the port information to a webpage at IP address 66.139.77.145. The trojan listens on the open port for instructions and redirects traffic to other IP addresses. Spammers and hackers can take advantage of compromised systems by using the infected computer as a middleman, allowing them to pass information through it and remain anonymous.

http://www.snopes.com/computer/virus/osama.asp

Posted by: Macfive 03-May-2004, 09:05 PM
A new virus called Sasser is effecting thousands of computers. Make sure you update windows to the latest security patches and that your virus definitions are up-to-date. They scary thing about this virus is that you don't even have to open an email or file to get infected. It travels across networks, including the internet, and will automatically infect your computer just because your connected to the internet. Firewalls may prevent this. I would suggest reading this article:

http://www.mercurynews.com/mld/mercurynews/business/technology/8581101.htm?1c

and also Microsoft's information on this virus:

http://www.microsoft.com/security/incident/sasser.asp

Posted by: MDF3530 03-May-2004, 09:11 PM
Good thing I downloaded that security patch from Apple today biggrin.gif .

Posted by: mingkee 04-May-2004, 06:04 PM
about 2 weeks b4 sasser event
I got a winupdate notification
then go to Winupdate site, and install the update

besides of this, I use router (built in firewall) as gateway to internet / share connection
this helps as well (esp netblaster event)

Posted by: MDF3530 04-May-2004, 07:09 PM
Macs have an icon on the System Preferences menu that says "Software Update" which you can click on and see if Apple has released any new or updated software. If there is, you can download it right then. Neat, huh?

Posted by: MDF3530 04-May-2004, 07:18 PM
Here's the screen shot of Apple's System Preferences menu. The "Software Update" icon is the first blue one on the bottom.user posted image

Posted by: Danann 05-May-2004, 08:53 AM
Me thinks someone is trying to convert us to a Mac platform. They do have their place... wonderful little coloring books! Kidding! Put down the daggers MDF. Actually... I can't believe I am about to put this in print for anyone to see... Since the release of OS X.x I have liked what I've seen with the macs. The interface is very clean and the unix kernal makes it very strong and stable. If I hadn't invested so much in my windows software for graphic arts, I'd probably switch to a mac.

Posted by: Danann 05-May-2004, 09:02 AM
Forgot to put the most important thing in...

I was just out at http://isc.sans.org/ - an IT Security analyst resource - and the status of the Internet is Green, which means right now all is calm.

Powered by Invision Power Board (https://www.invisionboard.com)
© Invision Power Services (https://www.invisionpower.com)