Loading ...
Sorry, an error occurred while loading the content.

302New Virus Information

Expand Messages
  • Bureau of Public Secrets
    Oct 4 4:47 PM
    • 0 Attachment
      Dear friends,

      A new virus has appeared the last few days and seems to be spreading very
      rapidly. It is apparently a variation of the "Klez" viruses that started
      circulating last spring. I personally have received over 30 messages
      containing this virus in the past four days. That quantity no doubt reflects
      the fact that I have a pretty high public presence on the Net and am in lots
      of people's address lists; but it suggests that the virus is widespread and
      that many of you are also likely to receive it.

      Like the previous Klez viruses, this virus can take advantage of a glitch in
      old Windows systems to automatically open itself onto your computer. So if
      you haven't updated your Windows 98, the usual advice -- "Do not open
      strange email attachments" -- is not sufficient.

      I recommend that you subscribe to some anti-virus program, such as Norton,
      Symantec, or McAfee. I subscribe to McAfee's "VirusScan Online." It costs
      $30/year and is quite convenient since it updates itself automatically every
      few days (which is essential: an anti-virus program that is even a week out
      of date will not catch this current virus, for example, because it was just
      discovered a few days ago). I don't subscribe to McAfee's other programs
      (firewall, anti-spam, etc.), but the virus risk is a serious one. Without an
      anti-virus program you're almost bound to get a virus sooner or later. At
      best it's a hassle (you have to debug your computer and then send out
      warnings and apologies to everyone on your list); at worst, it could damage
      or destroy your files.

      As most of you are aware, two of the telltale signs of a virus hoax are that
      it is not dated (and hence can continue circulating indefinitely) and that
      it contains no reliable references to verify it. For verification of this
      message, please see the notice below, sent to me today (Oct. 3) by McAfee.
      You can go to their site for information on the virus. You can subscribe to
      VirusScan Online by clicking the link at the bottom. For more general news
      on this virus (referred to as "Bugbear"), see this article from ZDNet
      Technology News: http://zdnet.com.com/2100-1105-960696.html

      Two additional notes: I've noticed that the virus-containing messages are
      almost invariably 70K or 71K in size. So if you use a web-based email system
      that shows the size, you can delete such messages before downloading them.

      Note also: Among other deviousnesses, the virus tends to falsify the return
      address. So do not assume that a virus message seemingly sent from a certain
      address means that the computer at that address is infected. That address
      may simply have been gleaned from a computer that is infected.


      Ken Knabb


      ** VIRUS ALERT - W32/Bugbear@MM **
      ** HIGH RISK **

      Dear Ken,

      McAfee.com has seen a large and growing number of computers
      infected with W32/Bugbear@MM virus. The risk assessment has
      been UPDATED TO HIGH for home and corporate users. Users
      should update their anti-virus software as soon as possible.

      W32/Bugbear@MM is a mass-mailing worm that attempts to send
      itself to email addresses found on an infected system. It
      also spreads through open network shares and has the ability
      to send print jobs to printers found on an infected network.

      The "from" field, subject line, message body, and attachment
      all vary widely and may appear to be legitimate email.

      The virus will attempt to disable various security products,
      including anti-virus and personal firewall software.

      It will also try to install a backdoor trojan that can capture
      what the user types, including sensitive information such as
      passwords. The trojan will also allow a hacker to upload
      files from the infected system, download files onto the system,
      run executable files and stop processes from running.

      McAfee.com will continue to update you on the latest details
      of the W32/Bugbear@MM virus, click here for more information:
      ==> http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=4035



      Protect your PC against Viruses. Buy VirusScan Online for
      only $29.95.
      ==> http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=2377