Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Virus infections

From: "Debasis Mohanty" <mail () hackingspirits com>
Date: Thu, 24 Nov 2005 08:10:09 +0530
This sober *FBI/CIA* variant seems to have strike back with the intention to
make *news* which it failed to make when it was originally released first
time in the month of Feb (2005). I encountered it in the month of Feb and
since there were no AV advisories around, I reverse engg it to find out the
'payload' but there were no destructive payload and it was just a mass
mailler. A reverse analysis report can be downloaded from the following link
- 
http://www.hackingspirits.com/eth-hac/papers/Fake-FBI-Worm-Analysis.zip

- T (aka D) 

-----Original Message-----
From: full-disclosure-bounces () lists grok org uk
[mailto:full-disclosure-bounces () lists grok org uk] On Behalf Of pingywon
Sent: Thursday, November 24, 2005 12:34 AM
To: Geo.; full-disclosure () lists grok org uk
Subject: Re: [Full-disclosure] Virus infections

yes indeed this Sober virus is ramping up pretty quick.

Alot of my clients have called me today asking about emails they have
received.

Here is all the latest info on it.

http://vil.mcafeesecurity.com/vil/content/v_137072.htm

~pingywon MCSE


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: