Full Disclosure mailing list archives
RE: [ok] Possible Virus/Trojan
From: "Todd Towles" <toddtowles () brookshires com>
Date: Mon, 26 Jul 2004 14:03:38 -0500
I heard about a small thing going around about Bin Laden hanging himself and some CNN reporters had pictures. But it was a virus. I didn't hear much about it, maybe it is a small time thing and they are just picking people to spread the virus around.

-----Original Message-----
From: Edward Ray [mailto:support () mmicman com]
Sent: Monday, July 26, 2004 1:53 PM
To: 'Todd Towles'; 'Curt Purdy'; 'Mailing List - Full-Disclosure'
Subject: RE: [ok] [Full-disclosure] Possible Virus/Trojan

Got something similar to that a few days ago on another mailing list, informing me Arnold Schwarzenegger hung himself last night. The file was a *.exe.html, or *.html.exe

_____

From: full-disclosure-admin () lists netsys com [mailto:full-disclosure-admin () lists netsys com] On Behalf Of Todd Towles
Sent: Sunday, July 25, 2004 8:03 PM
To: 'Curt Purdy'; 'Mailing List - Full-Disclosure'
Subject: RE: [ok] [Full-disclosure] Possible Virus/Trojan

I would say that the latter is the more likely, but the message came from a hotmail account. Doesn't hotmail check attachments? I didn't look at the headers really so spoofing is possible. I am getting a copy to a research company so I can get some more answers maybe.

-----Original Message-----
From: Curt Purdy [mailto:purdy () tecman com]
Sent: Sunday, July 25, 2004 2:07 PM
To: 'Todd Towles'; 'Mailing List - Full-Disclosure'
Subject: RE: [ok] [Full-disclosure] Possible Virus/Trojan

Todd Towles wrote:

I received an e-mail today that looked very much like a virus. Here is the message

Attachment - erupts.avi.exe
Subject - New Southern California wildfire erupts

<snip>

Either this is a new Trojan that changes its body and subject based on the current AP news or someone used a very lame trick against me. =)

I'm guessing the latter. Although story scraping would be possible, intelligent naming of the .exe would not be. Most likely a friend... or enemy.

Curt Purdy CISSP, GSEC, MCSE+I, CNE, CCDA
Information Security Engineer
DP Solutions

----------------------------------------

If you spend more on coffee than on IT security, you will be hacked. What's more, you deserve to be hacked.
-- former White House cybersecurity adviser Richard Clarke

Current thread:
- Possible Virus/Trojan Todd Towles (Jul 24)
- Re: Possible Virus/Trojan Andrew Farmer (Jul 24)
- RE: [ok] Possible Virus/Trojan Curt Purdy (Jul 25)
- RE: [ok] Possible Virus/Trojan Todd Towles (Jul 25)
- RE: [ok] Possible Virus/Trojan Edward Ray (Jul 26)
- RE: [ok] Possible Virus/Trojan Todd Towles (Jul 26)
- Re: [ok] Possible Virus/Trojan Denis McMahon (Jul 27)
- SV: [ok] Possible Virus/Trojan Peter Kruse (Jul 27)
- RE: [ok] Possible Virus/Trojan Todd Towles (Jul 27)
- Re: [ok] Possible Virus/Trojan Duncan Hill (Jul 27)
- RE: [ok] Possible Virus/Trojan Todd Towles (Jul 27)
- RE: [ok] Possible Virus/Trojan Mortis (Jul 27)
- RE: [ok] Possible Virus/Trojan Todd Towles (Jul 27)
- RE: [ok] Possible Virus/Trojan Todd Towles (Jul 25)
- RE: [ok] Possible Virus/Trojan Todd Towles (Jul 26)
- RE: [ok] Possible Virus/Trojan Todd Towles (Jul 26)