What's This???

Discussion in 'Email Support' started by hatton, Mar 5, 2004.

  1. hatton

    hatton Perch

    I just received the following email and I'm not quite sure what to do with it. It's from "the Ithinkitsnifty.com team" (which is my domain) and has a ZIP file attachment with an EXE file inside. The file's name appears to be a random string of characters.

    For additional information, here are the message's headers:


    Is this some new tool that's been put in place or is this a beast of a different color?
  2. SubSpace

    SubSpace Bass

    I haven't seen this one before, but then again all virus e-mails get nerfed into oblivion before I see them.
    It looks like a virus e-mail to me, with some text that tries to confuse you and trick you into launching the executable.

    The e-mail originates from some Cox Internet user.
  3. hatton

    hatton Perch

    Okay, that's what I was thinking as well... I know that there has been some discussion here about adding filters to the email server and did not know if that was something that has been done or not.

    Very tricky way to go about spreading a virus as well. Since the attachment is ZIPped *and* encrypted (password protected) I don't think AntiVirus programs can see it until it's too late!
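An added example, not part of the original thread: classic ZIP password protection encrypts member data but leaves the member file names and the "encrypted" flag bit readable in the archive headers, so a mail filter can flag a password-protected archive carrying an executable without knowing the password. The extension list, the quarantine policy, the function names and the sample file names below are assumptions made for illustration.

```python
import io
import zipfile

# Extensions treated as executable (assumed policy list, not from the thread).
EXECUTABLE_EXTS = (".exe", ".scr", ".pif", ".com", ".bat", ".cmd")


def inspect_zip_attachment(data: bytes) -> dict:
    """Classify a ZIP attachment using header metadata only (no password)."""
    encrypted, executable = [], []
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            for info in zf.infolist():  # central directory entries
                # General-purpose flag bit 0 marks an encrypted member.
                if info.flag_bits & 0x1:
                    encrypted.append(info.filename)
                if info.filename.lower().endswith(EXECUTABLE_EXTS):
                    executable.append(info.filename)
    except zipfile.BadZipFile:
        # Assumed policy: an archive the filter cannot parse is held back.
        return {"encrypted": [], "executable": [], "quarantine": True,
                "reason": "unparseable archive"}
    hidden = sorted(set(encrypted) & set(executable))
    return {"encrypted": encrypted, "executable": executable,
            "quarantine": bool(hidden),
            "reason": "encrypted executable: " + ", ".join(hidden) if hidden else "ok"}


def constructed_sample(name: str, encrypted: bool) -> bytes:
    """Build a harmless test ZIP; optionally set the 'encrypted' flag by hand."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_STORED) as zf:
        zf.writestr(name, b"placeholder bytes, not a program")
    raw = bytearray(buf.getvalue())
    if encrypted:
        # Flags sit 6 bytes into the local header and 8 into the central one.
        for signature, offset in ((b"PK\x03\x04", 6), (b"PK\x01\x02", 8)):
            raw[raw.find(signature) + offset] |= 0x01
    return bytes(raw)


if __name__ == "__main__":
    for name, enc in (("qwrtzpl.exe", True), ("notes.txt", True), ("tool.exe", False)):
        print(name, enc, inspect_zip_attachment(constructed_sample(name, enc)))
```

The constructed samples only mimic the header flag; their contents are plain placeholder bytes, which is enough because the check never reads member data.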
  4. hatton

    hatton Perch

    A little more research turned out that it is indeed a virus. Rather tricky one as well -

    It's the W32/Bagle.k@MM virus. More details here:

    http://vil.nai.com/vil/content/v_101074.htm

    Thanks again for the reply!
  5. reptilecrazy

    reptilecrazy Perch

    There is a vast amount of these flowing around at the moment, anything that looks sus to me just goes straight in the trash.
  6. There is a virus war going on right now between Bagle, MyDoom, and Netsky. Netsky has been grabbing all the attention lately so Bagle and MyDoom are ramping up their distribution. The viruses also contain written attacks against their competitors. Be on the lookout for a lot more like this.
  7. SubSpace

    SubSpace Bass

    Hmm, only 1 Bagle received on my e-mail addies so far, 346 MyDooms and variants, and 3000+ Sobig.Fs at the time, I hope the downwards trend will continue ;)
