Tangent 21 - More virus news...

Posted by
gobstopper

Posted on
13:33
Feb 18 2004

More virus news...

Another one of these little buggers has just been raised to Yellow Alert status.

WORM_NETSKY.B This malware is a memory resident mass mailer that uses SMTP to propagate and spread a copy of it.
Subject: %random%
From: %random%
Message Body:
%random%
Sample:
Subject: Read It Immediatly
From: %random%
Attachement: Posting.htm.com (22.0kb)
Message Body:
Something about you

Because of the way that Windows works by default, you may be fooled into thinking that if you receive a message where the attachment is called Posting.htm you are OK. There is a setting withing windows to hide the file extention for known file times (.exe, .com, etc...) so it's likely that if you receive a message which matches the other descriptive properties it will contain the virus.

Delete and do not think about opening it.

More info can be found Here

(Edited by gobstopper 18/02/2004 13:34)

1 Reply and 695 Views in Total.

guffer Everybody is dead, Dave

Ah, the second suffix to a filename trick again. Had this last summer with something similar and went through extensive testing with a mate. If you use a later version of Outlook (2000 onwards and not the express varient) it should block the attachment with the default security rules, but it DID NOT. Outlook Express did mark the attachment as unavaible if the "do not allow an attachment to be opened that may be a virus" box was ticked in the options. The problem was that it blocked almost every damned file.

Keep your AV scanners upto date!

Posted: 21:45 Feb 18 2004

Post a Reply

Back to the Forum

Poll

What do you think of Matt Smith as The Doctor?

He's fantastic! Instant favourite! (14%)

Good. A decent choice. (57%)

Not sure, need to see more. (29%)

Meh... he'll do I guess. (0%)

Terrible! Might stop watching. (0%)

Site Info

About T21