LISTSERV - TECHNET Archives - LISTSERV.IPC.ORG

TECHNET Archives

September 2002

TechNet@IPC.ORG

	LISTSERV Archives
	TECHNET Home
	TECHNET September 2002

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show HTML Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Off Topic - - - TONS of emails with attachments...
From:	Carl VanWormer <[log in to unmask]>
Reply To:	TechNet E-Mail Forum.
Date:	Tue, 3 Sep 2002 08:08:02 -0700
Content-Type:	multipart/alternative
Parts/Attachments:	text/plain (2783 bytes) , text/html (4 kB)

This looks like something the Klez virus (or similar ones) sends out.  I've
received a few recently.  The From: address is taken from the infected
machine's contacts list, in addition to the recipients of the mailing.
Check the Internet Headers on the message (in Outlook, open the message and
select View, Options).  The one's I've received have the actual sender's
address in the top line (after Received:)  I usually send a warning to that
person, since it's often someone I know (since I was in their email contacts
list, too)

Strangely enough, there is (often) no payload (included virus file), which
makes it hard for a virus to propagate . . .




Carl Van Wormer
Cipher Systems
1815 NW 169th Place, Suite 5010
Beaverton, OR  97006
Phone (503)-617-7447    Fax (503)-617-6550

-----Original Message-----
From: Steve Gregory [mailto:[log in to unmask]]
Sent: Monday, September 02, 2002 7:22 AM
To: [log in to unmask]
Subject: [TN] TONS of emails with attachments...
Importance: High


Hi All,

I was wondering if I was the only one who was deluged with all kinds of
emails with attachments this past weekend? A lot of them had sender
addresses that looked like they came from a Technetter.  To wit:

Subj: A good tool
Date: 9/1/2002 7:49:52 PM Central Daylight Time
From: [log in to unmask] <mailto:[log in to unmask]>
To: [log in to unmask] <mailto:[log in to unmask]>
File: If.zip (84753 bytes) DL Time (34667 bps): < 1 minute
Sent from the Internet (Details)

This is a very good tool
I expect you would like it.

Fastech is a contract assembly company. But then I got this email:

Subj: Spice girls' vocal concert
Date: 9/1/2002 7:59:37 PM Central Daylight Time
From: [log in to unmask] <mailto:[log in to unmask]>
To: [log in to unmask] <mailto:[log in to unmask]>
File: feature.zip (130608 bytes) DL Time (34667 bps): < 1 minute
Sent from the Internet (Details)

I knew something screwy was going on then...of course I haven't opened ANY
of the attachments...

Just wondering, did any of you get these too?

-Steve Gregory-




---------------------------------------------------------------------------------
Technet Mail List provided as a free service by IPC using LISTSERV 1.8e
To unsubscribe, send a message to [log in to unmask] with following text in
the BODY (NOT the subject field): SIGNOFF Technet
To temporarily halt or (re-start) delivery of Technet send e-mail to [log in to unmask]: SET Technet NOMAIL or (MAIL)
To receive ONE mailing per day of all the posts: send e-mail to [log in to unmask]: SET Technet Digest
Search the archives of previous posts at: http://listserv.ipc.org/archives
Please visit IPC web site http://www.ipc.org/html/forum.htm for additional
information, or contact Keach Sasamori at [log in to unmask] or 847-509-9700 ext.5315
---------------------------------------------------------------------------------

ATOM RSS1 RSS2

LISTSERV.IPC.ORG