Holy $#%!^@!

Previous | | Next

19 August 2003 @ 03:47 pm

Holy $#%!^@!

In the past hour, i have received about a dozen emails, all from people i don't recognize, all having pif files attached. Most of them with one of the comonly listed file names for one of the recent viruses.

Luckily, i'm on a linux system, and use pine, so i'm completly immune! *sticks tongue out at stupid virus*

At first i thought it was spammers that got nailed by the virus, but when i looked at the header info, although the From address is random, the Received section says they're all from what looks suspiciously like the login name of a friend of mine. (How you doing Merchimerch? Having virus issues at the moment? =/)

If that's the case, it's apparently choosing random addresses, presumably out of her email account, to spoof the From address as. Why? Why not use her address since i'm more likely to open an email from her than from some random person she knows but i don't.

I've also received two emails from random companies saying that i sent them "potentially unsafe contents." Presumably they got sent the virus, from Merchimerch or someone else, with my email spoofed as the From address =P

And while i've been writing this another three or four have shown up =P

Current Mood: amazed

6 comments | Leave a comment)

6 comments —

( 6 comments — Leave a comment) )

merchimerch on August 19th, 2003 04:41 pm (UTC)

yeah that merchimerch one is my student account - I got hit but didn't even open it - and it is webmail - so this is quite a virus if it replicated itself anyway.....all my email accounts have gotten totally spamified! It's quite a worm - the warning came out at work today about it.

(Reply) (Thread) (Link)

donaithnen on August 19th, 2003 04:45 pm (UTC)

Ahhh, just sent you email about it :)

let me know if i can do anything to help.

(Reply) (Parent) (Thread) (Link)

merchimerch on August 19th, 2003 04:46 pm (UTC)

i dunno if you can - it seems to be coming from lots of people I know who aren't stupid enough to open viruses.....sorry for the spam to whoever I did it to.

(Reply) (Parent) (Thread) (Link)

leora on August 19th, 2003 05:59 pm (UTC)

I got about 8 or 9 and one email from someone asking me who Iw as. I explained that I was apparently someone who knew someone who got infected with a virus. The person was nice about it and thanked me for the warning not to open the attachments.

I also use linux for email. But the flood of emails was really annoying, most of them came in while I was online and in a burst. I'm pretty lucky I didn't receive more than I did. I wish I'd been clever enough to figure out who was infected.

I think that's the idea of forging btw, well twofold, one to make it hard to easily tell the person who is infected so they get it fixed and two to cause havoc as the wrong people get blamed and yelled at.

(Reply) (Thread) (Link)

sithjawa on August 19th, 2003 06:15 pm (UTC)

Yes, the virus has an smtp server inside (useful virus, wish I could snag the code, I could use a Windows smtp server right now) and spoofs mailheaders like mad. It's damn annoying for those people whose mail gets spoofed. I ain't got hit yet, but I am sure I will in time. :/

It's ass hard to figure out where the damn things is comin' from. I'm just glad that when it finds all these email addresses in a wide range of file types on people's HDs, it doesn't just quietly collect them and send them all to spammers. Now that'd be a heinous virus.

(Reply) (Thread) (Link)

kirinn on August 20th, 2003 12:19 pm (UTC)

Ah, but if it did that, it would quickly spam the spammers (i.e. wherever it was sending address lists to would get overloaded in a heartbeat). That, plus it would lead everyone paying attention straight to the source.

Recently one of my coworkers got a variant of this virus (BugBear, I think) which decided to forge me as the sender for _all_ of the mail it sent to his entire address book. So I never got the virus, but I got about 50 bounced/returned/confused mails. Yay. :P

(Reply) (Parent) (Thread) (Link)

Log in