Full Disclosure mailing list archives
Re: Merry Christmas worm (Zafi.D) is spreading now. Beware!
From: Valdis.Kletnieks () vt edu
Date: Wed, 15 Dec 2004 16:44:55 -0500
On Tue, 14 Dec 2004 10:49:48 +0100, Feher Tamas said:
An apparently brands new "D" version of the ZAFI worm, with "Merry Christmas!" subject and animated fucking smiley icons on the inside is spreading Postcard.HTML.blahblah.. dot ZIP/CMD files.
*yawn* Somebody hit "rewind" on the remote control, will ya? "OK Sherman, set the wayback machine for December 1987....." "Yes, Mr Peabody.." <fwizz> * * **** ******** ************ **************** A ******** ************ VERY **************** ******************** HAPPY *********** *************** CHRISTMAS ******************* *********************** AND MY *************** ******************* BEST WHISHES *********************** *************************** FOR THE NEXT ****** ****** YEAR ****** /* browsing this file is no fun at all just type CHRISTMAS from cms */ *9 December 1987* CHRISTMA EXEC is released on BITNET. The program written in the REXX scripting language common to IBM Mainframes of the day is a small christmas card with a built in trojan horse. When executed it reads through the address book and sends copies to all your friends. The trojan horse managed to spread to the IBM internal network VNET through the BITNET-VNET gateway as well, causing even more massive grief on that network. IBM develops the first "mail scanner" code to look for and destroy the program on the VNET network.
Attachment:
_bin
Description:
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Merry Christmas worm (Zafi.D) is spreading now. Beware! Feher Tamas (Dec 15)
- Re: Merry Christmas worm (Zafi.D) is spreading now. Beware! Valdis . Kletnieks (Dec 18)