Virus Alert

[~Lazarus~]

Guys,

Not sure if you have seen this alert :

As you are aware, there is a new Virus W32.Nimda.a which has been reported in the media. The Virus comes in the form of an Email with an attachment Readme.exe which should not be opened. The mail should be deleted immediately

You have been warned.

 

[Wij]

duh, Readme.exe sounds like just the sort of attachment I'd open straight away

 

[Testin da Cable]

heh no exactly aimed at the high end users aiiii

 

[Wij]

"Extended Warranty ! How can I lose ?"

 

[Testin da Cable]

A mass mailing email worm that contains exploit components from the infamous Code Red worm has appeared on the Internet, and appears to be spreading fast.

Nimda, which spreads though an infected email attachment, appears at the user's In-box with a random subject line and no body text. It comes with attachments called readme.exe and an HTML file. Users are advised to open neither and delete suspicious emails.

The malicious code contains an exploit string similar to that in the Code Red worm which is causing software tools that detect Code Red to "light up like Christmas trees", we hear.

MessageLabs, a managed services firm which scans its customers email for viruses, has intercepted 164 copies of the virus so far, after it first appeared this afternoon, possibly originating from Korea.

Graham Cluley, senior technology consultant at Sophos, said early analysis suggested the virus tries to add malicious JavaScript to Web pages on IIS servers that are vulnerable to the Code Red worm. But how the virus works remains unclear.

AV software vendors are busily updating their software to detect the worm. ®

Update
An increase in port 80 scanning relating to the Nimda worm - which attempts to hit IIS boxes with many different exploits - has been reported by CERT. Its scanning activities might result in some overall slowdown of the Internet.

Central Command has published a more detailed description of the worm which states that although the body of an email appears blank, it contains code that will execute if a user views a message in either Outlook or Outlook Express.

To spread, Nimda uses MAPI (Mailing API) functions in order to extract email addresses, according to Central Command.

Another method to spread is by using a Unicode Web Traversal exploit similar to Code Blue targets which, as previously reported, tries to reprogramme systems previously infected by the Code Red worm.

thank you register

 

[-AP-]

So that means if i get something like that, open it at work, and it is a virus the company network might go down??


A nice thought to start the day!

 

[Testin da Cable]

an NT security officer once said to me: our NT systems can't get virus infections, as they are inside a secure network.

about half an hour after he told me that, several servers had to be taken down as some utter utter moron had pulled his mail in off the internet, then plugged his laptop into the lan.

I find it very strange that peeps with multiple degrees/qualifications/etc can't get it through their skulls that when an IT person says not to do a thing [like open a 'readme.exe' heh], they're supposed to listen and obey.


-TdC


PS. of course, nothing happened to my unix boxes

 

[-AP-]

Think the only 'virus' i have ever got was from MSN messenger. Some kind of Clinton virus.... all it did was keep sending smilies to who ever you were chatting to. Hardly anything major - was just a matter of deleting the file in dos

 

[Summo]

McAfee on the Nimda virus:

The email messages created by the worm specify a content-type of audio/x-wav and contain an executable attachment type. Thus when a message is accessed, the attachment can be executed without the user's knowledge. Simply viewing the page in Microsoft Outlook or Microsoft Outlook Express using the preview pane can infect you.

Clever. It's been done before but never potentially this damaging.

All my servers are now patched and updated....

 

[~Lazarus~]

Originally posted by Mr_Powers
Think the only 'virus' i have ever got was from MSN messenger. Some kind of Clinton virus.... all it did was keep sending smilies to who ever you were chatting to. Hardly anything major - was just a matter of deleting the file in dos

I was affected secondhand by the Loveme virus,

Went in one morning to work to find my mailbox filled with 719 mails from people in the Company who had stupidly opened the attachment.

Did I feel popular !!!

 

[DAN200]

Originally posted by Mr_Powers
Think the only 'virus' i have ever got was from MSN messenger. Some kind of Clinton virus.... all it did was keep sending smilies to who ever you were chatting to. Hardly anything major - was just a matter of deleting the file in dos

I saw someone with that, bloody annoying innit?

 

[]SK[]

Took me 4 hrs to clean this baby off someones cpu today at work :/

 

[Moving Target]

NOOOooooOO!!1 MY CPU IS MELLTINNGGGG!!!......

 

[Summo]

He didn't mean clean it with lemon Jif, you nonce.

 

[old.DarkReaper-UTO]

Funny how this, along with other recent viruses similar to this, affects only Microsoft Windows systems? Why is that? Hm...could it be that windows has more bugs than an ant colony? As I like to say whenever a new patch comes out, or a new virus surfaces and takes over....

If we were all on Linux this couldn't happen!

 

[]SK[]

Linux isnt as common as a windows os so why target a small audiance?

 

[old.DarkReaper-UTO]

How could you be so ignorant to completely miss the point?

Windows has tons of security holes. This virus and recent ones have exploited these. Microsoft has done nothing about it, save the rare patch. Why patch something when you can get it done right to begin with? Oh wait..its microsoft windows, rofl.

Linux on the other hand is one of the most secure, fastest, most stable OSes out there. Why? Mainly because its open source, and its based off of UNIX.

 

[Testin da Cable]

Originally posted by DarkReaper-UTO

If we were all on Linux this couldn't happen!

wrong dudeh. if we all ran linux it would still be happening I'm afraid. it would just be slightly more difficult to do.
You have nicely pointed out one of the strengths of 'open source' tho [for all you non-believers out there, MS calls open source a 'very bad thing'(tm) [amongst other rather bad words]] as having your software open to the world means that potential bugs and security probs will be seen and fixed faster [and better] than any bughunting dept. could ever do.

 

[old.DarkReaper-UTO]

I don't think it would still be happening at all. The only way these spread is by exploiting security holes. There are no security holes in Linux, if one was found, it would likely be found by someone developing the OS than by someone trying to exploit it. It would then, of course, be fixed.

 

[MYstIC G]

http://www.symantec.com/avcenter/venc/data/w32.nimda.a@mm.html

 

[old.D R E ad]

Must be big, it was on the news today. Not many Virus's make it onto the news!

 

[Testin da Cable]

by DarkReaper-UTO
The only way these spread is by exploiting security holes.

don't forget misconfiguration heh

There are no security holes in Linux, if one was found, it would likely be found by someone developing the OS than by someone trying to exploit it.

not entirely true m8eh
/me whistles 'the sploit song'

It would then, of course, be fixed.

absolutely!

by D R E ad
Must be big, it was on the news today. Not many Virus's make it onto the news!

it's a worm, and no virus or worm would ever make the news if there weren't so many idiots in the world fs

 

[Summo]

Originally posted by DarkReaper-UTO
How could you be so ignorant to completely miss the point?

Windows has tons of security holes. This virus and recent ones have exploited these. Microsoft has done nothing about it, save the rare patch. Why patch something when you can get it done right to begin with? Oh wait..its microsoft windows, rofl.

Linux on the other hand is one of the most secure, fastest, most stable OSes out there. Why? Mainly because its open source, and its based off of UNIX.

Showing a fair bit of ignorance there yourself, fella.

 

[]SK[]

Originally posted by DarkReaper-UTO
How could you be so ignorant to completely miss the point?

Windows has tons of security holes. This virus and recent ones have exploited these. Microsoft has done nothing about it, save the rare patch. Why patch something when you can get it done right to begin with? Oh wait..its microsoft windows, rofl.

Linux on the other hand is one of the most secure, fastest, most stable OSes out there. Why? Mainly because its open source, and its based off of UNIX.

Quit bitching and use linux then.

 

[]SK[]

Originally posted by D R E ad
Must be big, it was on the news today. Not many Virus's make it onto the news!

Yup after I got rid of it I was driving back to office and it was on the news. It infected there mac server shared DIR. I left the mac to die and cleaned the PC's.

 

[old.Reverend Flatus]

Originally posted by DarkReaper-UTO
There are no security holes in Linux

Wrong!

 

[Summo]

Originally posted by +SA+SerialKilla
I left the mac to die and cleaned the PC's.

Good man.

 

[Embattle]

Originally posted by DarkReaper-UTO
Why? Mainly because its open source, and its based off of UNIX.

Because its percentage of the market is small and if you're a cunt who writes virus which OS you gonna do it for

 

[Testin da Cable]

that should read 'desktop' market

 

[old.=DI=Penry]

Originally posted by D R E ad
Must be big, it was on the news today. Not many Virus's make it onto the news!

Argggh - I've speant more time talking to 'concerned' users than removing the damn thing..

Grrrr - H8 the media !