Re: Fwd: [da] PR for the MSN worm

[Justin Azoff <JAzoff () UAMAIL ALBANY EDU>]

On Mon, 2005-03-07 at 13:05 -0600, RLVaughn wrote:
> This is a forwarded message
> From: Gadi Evron <gadi () tehila gov il>
> To: da () linuxbox org
> Date: Monday, March 7, 2005, 9:18:19 AM
> Subject: [da] PR for the MSN worm
>
> ===8<==============Original message text===============
> Let's not repeat past mistakes, here is PR I will send a couple of very
> tech-savvy reporters (and friends). Feel free to send it out as well. It
> is not an official "press release".
>
>
> You will probably already be aware of the first part of this message. I
> hope this will interest you.
>
> This night, information came about an MSN messenger worm that spread by
> sending the following message:
> "http://home.earthlink.net/~gallery10/omg.pif lol! see it! u'll like it"
>
> I would estimate millions got infected.
> [snip]

What about the still spreading bots that use AIM?

Each day there is a new photos.pif link ("NEW PICS FROM THE BEACH") and
each day I curse AOL for apparently sitting around and doing nothing
while their users get infected one by one.

The lack of any visible effort by AOL to help stop these worms while
they air commercials 500 times a day proclaiming how committed they are
to the security of their members is absolutely insulting.

Shutting down C&C's works well enough to stop the bot activity, but only
AOL can easily notify the users and take every infected machine offline
(well, at least off AIM)

I'm sure Microsoft isn't going to stand by and let MSN get taken
advantage of...

--
-- Justin Azoff
-- Network Performance Analyst

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/groups/.