Full Disclosure mailing list archives
Re: New Virus under way ...
From: David Schultz <evil_genius () mac com>
Date: Fri, 19 Mar 2004 11:48:57 -0500
On 3/18/04 11:24 AM, "full-disclosure-request () lists netsys com" <full-disclosure-request () lists netsys com> wrote:
Message: 2 got a strange Mail 2day: Subject: RE: Protected message From: 20030814171411.10246.qmail@www.securityfoc link to virus is ... http://221.153.61.232:81/100721.php Host is in Korea, abuse warning has been sent. can anyone verify what kind of malware that is ? Helmut
The php script has a download link from the same web server. The linked file is a jpg that has what norton corporate version 8.00.9374 calls bloodhound.packed (defs are 3/10/04 rev 5) DVS -- "If you want to eat hippopotamus, you've got to pay the freight." -attributed to an IBM guy, about why IBM software uses so much memory _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: Re[2]: New Virus under way ..., (continued)
- Re: Re[2]: New Virus under way ... Nick FitzGerald (Mar 18)
- Re: New Virus probably Bagle.Q Rob, grandpa of Ryan, Trevor, Devon & Hannah (Mar 19)
- RE: Re[2]: New Virus under way ... SRH-Lists (Mar 18)
- RE: Re[2]: New Virus under way ... Schmehl, Paul L (Mar 18)
- Re: Re[2]: New Virus under way ... Berend-Jan Wever (Mar 18)
- Re: New Virus under way ... Aschwin Wesselius (Mar 18)
- RE: Re: New Virus under way ... Tech List (Mar 18)
- Re: Re[2]: New Virus under way ... Berend-Jan Wever (Mar 18)
- RE: Re[2]: New Virus under way ... Nick FitzGerald (Mar 18)
- RE: Re[2]: New Virus under way ... Jos Osborne (Mar 19)
- Re: New Virus under way ... Paolo A. Gallenga (Mar 19)
- Re: New Virus under way ... David Schultz (Mar 19)