Full Disclosure mailing list archives
Re: Swen
From: Nick FitzGerald <nick () virus-l demon co uk>
Date: Sun, 28 Sep 2003 04:59:20 +1200
"Paul Marsh" <pmarsh () nmefdn org> wrote:
Everyone's talking about if Swen is traceable or not,if it is when would gannpm () htc net be the potential infected client?
<<snip>>
Return-Path: gannpm () htc net
Yes... ...but note that the virus simply grabs a defined (but not hard-coded) registry value for this purpose. Whether that value is the (or "a") valid Email address for the user of the infected machine is, of course, an open question. -- Nick FitzGerald Computer Virus Consulting Ltd. Ph/FAX: +64 3 3529854 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Swen Paul Marsh (Sep 26)
- Re: Swen Nick FitzGerald (Sep 27)