nanog mailing list archives

Re: new nasty email virus trick to bypass scanners

From: Mike Tancsa <mike () sentex net>
Date: Wed, 03 Dec 2003 22:48:26 -0500



NAI has it as well now

http://vil.nai.com/vil/content/v_100856.htm

        ---Mike

At 10:20 PM 03/12/2003, Damian Gerow wrote:

On Wed, 3 Dec 2003, Steven M. Bellovin wrote:
> Is this in the wild yet?  Any other details worth looking for?
> Symantec's AV site apparently has nothing on it.

I would say so - I got it in my inbox earlier this afternoon, and I
traditionally get about three viruses a month.

The virus itself is *exactly* like Mmimail.M, as reported by Symantec.
Except that wendy.zip was definitely password protected.

  - Damian

Current thread:

new nasty email virus trick to bypass scanners Mike Tancsa (Dec 03)
- Re: new nasty email virus trick to bypass scanners Steven M. Bellovin (Dec 03)
- <Possible follow-ups>
- Re: new nasty email virus trick to bypass scanners J. Oquendoy (Dec 03)
  - Re: new nasty email virus trick to bypass scanners Mike Tancsa (Dec 03)
- Re: new nasty email virus trick to bypass scanners Damian Gerow (Dec 03)
  - Re: new nasty email virus trick to bypass scanners Mike Tancsa (Dec 03)
- Re: new nasty email virus trick to bypass scanners Mike Tancsa (Dec 03)
  - RE: new nasty email virus trick to bypass scanners Priyantha (Dec 04)
    - RE: new nasty email virus trick to bypass scanners Henry Linneweh (Dec 04)
    - Re: new nasty email virus trick to bypass scanners Valdis . Kletnieks (Dec 04)
    - Re: new nasty email virus trick to bypass scanners Christopher Chin (Dec 04)
    - RE: new nasty email virus trick to bypass scanners R. Benjamin Kessler (Dec 04)