Security Incidents mailing list archives
Re: New Worm similar to BadTrans.B?
From: zeno <bugtraq () cgisecurity net>
Date: Wed, 28 Nov 2001 09:30:51 -0500 (EST)
I've been getting .pif ,exe .mp3 and ,scr also. Maybe 15 today alone. All with same mime type you describe. - zeno () cgisecurity com
Mailer: SecurityFocus Hi, our company has recieved some e-mails containing the some attachments (all of them as mime-type audio/wav) like: IS_LINUX_GOOD_ENOUGHX.TXT.pif MATRiX_2_is_OUT.SCR But the filesize differs from the BadTrans.B worm which we also recieved. Interesting output of "strings IS_LINUX_GOOD_ENOUGHX.TXT.pif":
---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- New Worm similar to BadTrans.B? Peter Turczak (Nov 28)
- <Possible follow-ups>
- Re: New Worm similar to BadTrans.B? zeno (Nov 28)