?

Log in

No account? Create an account
Virus Worm.ExplorerZip - Peter Sheil [entries|archive|friends|userinfo]
Peter Sheil

[ website | Peter's Home Page ]
[ userinfo | livejournal userinfo ]
[ archive | journal archive ]

Virus Worm.ExplorerZip [Jan. 9th, 2003|12:49 pm]
Peter Sheil
A new variant of this was reported yesterday ... guess how I know ...
no I didn't catch it personally but I've just spent all morning getting
my PCs scanned with an updated virus scanner and trying to find out
what the damage is.

If you get an e-mail with a file "Zipped_files.exe" then don't open it.
I chuckled at two colleagues who did, but the consequences are a pain.
It sets to zero bytes size a series of file extensions (including .doc,
.ppt and .xls) on all attached drives C: to Z:. It also sets itself up
to scan your inbox for unread mail. When it finds one it replies along
the lines of: -

"Hi
I received your email and
I shall send you a reply
ASAP. Till then, take a
look at the attached
zipped docs."

Only just got back on-line ... what a waste of time ... grrrrr

Stay safe guys
peter
LinkReply

Comments:
[User Picture]From: mysticprincess
2003-01-09 05:08 am (UTC)
Thanks for the warning.
(Reply) (Thread)
[User Picture]From: acoolsecretary
2003-01-09 07:13 am (UTC)
WOW! Sorry about all the hassles. I LOVE MY MAC!!!!
(Reply) (Thread)
[User Picture]From: petersheil
2003-01-09 08:29 am (UTC)

Re:

:P

Let me just hunt out a Mac virus for you ;)
(Reply) (Parent) (Thread)
(Deleted comment)
[User Picture]From: petersheil
2003-01-10 12:21 am (UTC)

Re:

Now there's a challenge :)
I agree there are a lot fewer for Macs, but I'm sure there are some.

Adds to background task list.
(Reply) (Parent) (Thread)
[User Picture]From: petersheil
2003-01-10 03:54 am (UTC)
1. Discovered 7 June 2001
Mac.Simpsons@mm is an AppleScript worm that targets the Macintosh platform. It may open Microsoft Outlook Express or Entourage, and send a copy of itself with the original message to everyone in your address book. The name of the script is "Simpsons Episodes." This worm does not appear to be particularly malicious, and is similar to other mass-mailing worms that affect Window's computers such as VBS.LoveLetter. Symantec Security Response has received very few submissions of this worm.

2. AutoStart 9805
AutoStart 9805 is a Macintosh worm which executes only in native PowerPC mode. It was first discovered in Hong Kong in May 1998. It utilizes the CD-ROM AutoPlay feature in QuickTime 2.5 or later. This feature, if enabled, allows the invisible AutoStart 9805 application to automatically launch when an infected volume is mounted.
(Reply) (Parent) (Thread)
(Deleted comment)
[User Picture]From: petersheil
2003-01-10 08:58 am (UTC)

Re: Gosh, now if I had a five year old machine I might be worried!

The symantec site listed 43 Mac viri (sp? :) ) but yes I think they were all for old versions or gave very little information about them. Just be thankful that Macs aren't more popular or there'd be more hackers out there trying to crack them. :)

Practice safe computing - install a condom over your network port.
peter
(Reply) (Parent) (Thread)
(Deleted comment)
[User Picture]From: acoolsecretary
2003-01-09 09:08 am (UTC)

Re:

NOT!!!!!!!
{{HUG}}
(Reply) (Parent) (Thread)
[User Picture]From: petersheil
2003-01-10 12:22 am (UTC)

Re:

:)
Oh OK then.
(hugs) back
(Reply) (Parent) (Thread)