Topic: BADTRANS Virus
Thermit
Tech

Houston, TX 2733 posts, Jul 2000
|
posted 11-28-2001 04:57 PM
You may have already heard about this, but I'm getting a lot of emails to the site that are infected with this virus... http://www.symantec.com/avcenter/venc/data/w32.badtrans.b@mm.html
quote:
Due to the increased rate of submissions, Symantec Security Response has upgraded the threat level of this worm from level 3 to level 4 as of November 26, 2001.

W32.Badtrans.B@mm is a MAPI worm that emails itself out using different file names. It also creates the file \Windows\System\Kdll.dll. It uses functions from this file to log keystrokes. ...

In all cases, MAPI will also be used to find unread mail to which the worm will reply. The subject will be "Re:". In that case, the attachment name will be one of the following: PICS, IMAGES, README, New_Napster_Site, NEWS_DOC, HAMSTER, YOU_ARE_FAT!, SEARCHURL, SETUP, CARD, ME_NUDE, Sorry_about_yesterday, S3MSONG, DOCS, HUMOR, FUN

In all cases, the worm will append two extensions. The first will be one of the following: .doc, .mp3, .zip

The second extension that is appended to the file name is one of the following: .pif, .scr

Watch Out and get a virus checker!
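
An added example, not part of the original post or of Symantec's write-up: a Python mail filter that flags attachment names matching the two-extension pattern listed in the quoted description. The function names and the sample message are constructed for illustration; the "double-ext" verdict goes beyond the listed base names and flags any name ending in one of the listed extension pairs.

```python
import email
from email import policy
from email.message import EmailMessage

# Values taken from the Symantec description quoted above.
BASE_NAMES = {n.lower() for n in (
    "PICS", "IMAGES", "README", "New_Napster_Site", "NEWS_DOC", "HAMSTER",
    "YOU_ARE_FAT!", "SEARCHURL", "SETUP", "CARD", "ME_NUDE",
    "Sorry_about_yesterday", "S3MSONG", "DOCS", "HUMOR", "FUN")}
FIRST_EXT = {"doc", "mp3", "zip"}    # decoy extension
SECOND_EXT = {"pif", "scr"}          # extension Windows actually executes


def classify_name(filename):
    """Return 'listed-name', 'double-ext' or None for one attachment name."""
    parts = filename.strip().lower().rsplit(".", 2)
    if len(parts) != 3 or parts[1] not in FIRST_EXT or parts[2] not in SECOND_EXT:
        return None
    return "listed-name" if parts[0] in BASE_NAMES else "double-ext"


def scan_message(raw):
    """Parse raw RFC 822 bytes; return [(filename, verdict)] for flagged parts."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    hits = []
    for part in msg.walk():
        name = part.get_filename()
        verdict = classify_name(name) if name else None
        if verdict:
            hits.append((name, verdict))
    return hits


def build_sample(filename):
    """Constructed test message; the attachment is a harmless byte string."""
    m = EmailMessage()
    m["From"] = "sender@example.com"      # assumed placeholder addresses
    m["To"] = "rcpt@example.com"
    m["Subject"] = "Re:"
    m.set_content("constructed sample body")
    m.add_attachment(b"not a real payload", maintype="application",
                     subtype="octet-stream", filename=filename)
    return m.as_bytes()


if __name__ == "__main__":
    for fn in ("README.doc.pif", "holiday.zip.scr", "report.doc"):
        print(fn, scan_message(build_sample(fn)))
```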

|
Lulu
ice behaving badly
right here 2553 posts, Dec 2000
|
posted 11-28-2001 06:37 PM
Thanks for the warning Thermit!
|
mark sky
bin Rydin

SW coast of Oregon 1089 posts, Jun 2001
|
posted 11-28-2001 09:08 PM
Sounds like little red riding~HOODz has a "majik lantern" and is going down everYones chimney posting as santa'S (ashcroft]NWO clause... http://news.bbc.co.uk/hi/english/sci/tech/newsid_1678000/1678578.stm
[Edited 2 times, lastly by mark sky on 11-28-2001] 
|
Thermit
Tech

Houston, TX 2733 posts, Jul 2000
|
posted 12-04-2001 03:27 PM
This virus is still going strong, and now it has a friend... http://www.ananova.com/news/story/sm_465446.html?menu=news.latestheadlines 
|
theseeker
One moon circles
Damnit...I'm a doctor jim 3403 posts, Jul 2000
|
posted 12-06-2001 05:08 PM
this person if they exist :From: "Bridget Haworth" <_water.can@sympatico.ca> just sent that virus to me...the virus was quarantined and could not be repaired, I sent the info to symantec... word-up 
|
Lulu
ice behaving badly
right here 2553 posts, Dec 2000
|
posted 12-06-2001 10:00 PM
I had the (ME_NUDE.mps from "Bridget Haworth" Re) sent to both of my e-mail addys today. Course I deleted both of them tout suite!
[Edited 3 times, lastly by Lulu on 12-23-2001]

|
Thermit
Tech

Houston, TX 2733 posts, Jul 2000
|
posted 12-19-2001 03:40 PM
From Whitley... quote:
Badtrans Internet Worm Information

The Badtrans Worm was designed to return information from Outlook and Outlook Express users (Who else?) to hackers who could then enter victims' computers and steal passwords, etc. One of the service providers that the hackers were using to gather e-mails noticed the sudden heavy usage and closed the e-mail account that was receiving hundreds of thousands of e-mails from infected computers. The FBI soon contacted them, asking to 'go fishing' in what the victims of this hack had believed was private correspondence.

Were you hacked? How can you find out? Well, it turns out that you can. The database of hacked e-mails is available at http://badtrans.monkeybrains.net You can input your e-mail address and find out if you're in the database. If you are, it means that you are a victim of the Badtrans worm and should virus clean your computer. (Not all Badtrans victims appear in this database, but it's the only one that is publicly accessible.)

|
theseeker
One moon circles
Damnit...I'm a doctor jim 3403 posts, Jul 2000
|
posted 01-08-2002 06:08 PM
just got my second badtrans last night complete with trojan it will say "greg re:" file size is 40k.....I recommend that NO ONE open mail from me at any other addy than my yahoo account located on the front page of my site...oh happy day.... http://www.geocities.com/theseeker_0714b/index.html T/S
|
Lulu
ice behaving badly
right here 2553 posts, Dec 2000
|
posted 01-08-2002 06:46 PM
I got the Greg Re: this morning and deleted it right away. Thanks seek. Sorry you were hit. Harsh.
|