Page 1 of 1

Interesting virus threat?

Posted: Sat Mar 13, 2004 11:04 am
by Jeff250
I've never heard of this one.
Dear user of Gmx.net,

Our antivirus software has detected a large ammount of viruses outgoing
from your email account, you may use our free anti-virus tool to clean up your computer software.

Pay attention on attached file.

For security purposes the attached file is password protected. Password is "47838".

The Management,
The Gmx.net team http://www.gmx.net
Looks like they take the target's email domain and masquerade as tech support? The attachment (a zip file) was instantly annihilated by NAV when I tried to save it as being W32.Beagle.J@mm.

Later that day, I received...
Hello user of GMX.NET e-mail server,

Your e-mail account has been temporary disabled because of unauthorized access.

For details see the attached file.

For security reasons attached file is password protected. The password is "47838".

Best wishes,
The GMX.NET team http://www.gMX.NET
...containing the same virus.

Here's some more information I found:

http://www.sarc.com/avcenter/venc/data/ ... .j@mm.html

Posted: Sat Mar 13, 2004 11:41 am
by Vertigo
We're getting dozens of calls on our helpdesk every day just for that blasted virus :x

Posted: Sat Mar 13, 2004 12:22 pm
by CDN_Merlin
I've been getting that virus also but NAV zaps it before it does anything. Not that I'd actually run the file.

Posted: Sat Mar 13, 2004 12:23 pm
by Ferno
I got it once.

Posted: Sat Mar 13, 2004 2:15 pm
by AceCombat
couple times here, NAV blasted it aswell

Posted: Sat Mar 13, 2004 3:27 pm
by Tangaroa
Got one today and one a week or two ago.

Its got up to beagle.M now. Hopefully they will catch the bastard behind it soon.

Posted: Sat Mar 13, 2004 5:18 pm
by MD-2389
Hell, I got that two weeks ago. I already knew what it was beforehand, and that Testi wouldn't pull something like that on me so I deleted it on the spot.

Posted: Sat Mar 13, 2004 5:27 pm
by Darkside Heartless
*lighning stike and thunder*
Gotta love NAV :)

Posted: Sat Mar 13, 2004 6:42 pm
by Jeff250
Immediately I knew it was fake because gmx.net is German. :lol:

Posted: Sat Mar 13, 2004 9:41 pm
by DarkFlameWolf
I ★■◆●ing opened it, stupid ★■◆●ing me. I later replied to the email, got it bounced back. I should have done that in the first place, that would have clued me in.

Posted: Sun Mar 14, 2004 3:38 pm
by MD-2389
DarkFlameWolf wrote:I **** opened it, stupid **** me. I later replied to the email, got it bounced back. I should have done that in the first place, that would have clued me in.
You probably just signed yourself up on a mailing list.

Posted: Sun Mar 14, 2004 6:43 pm
by AceCombat
DarkFlameWolf wrote:I **** opened it, stupid **** me.


the first rule of stupidity:

NEVER OPEN UNKNOWN EMAIL

Posted: Sun Mar 14, 2004 8:00 pm
by Sting_Ray
Or ran that copy of Norton I gave yah hun :)

Posted: Sun Mar 14, 2004 10:17 pm
by DarkFlameWolf
yeah, Norton sucks.

Posted: Sun Mar 14, 2004 10:27 pm
by fliptw
Most(if not all) of these virus laden spams can easily be filtered out using a properly train spam filter.

Posted: Sun Mar 14, 2004 11:21 pm
by SSX-Thunderbird
Yup, spam filters usually catch these. I don't think I've seen any in my PD box, but I never look at the Junk folder in Mozilla Thunderbird. Heck, even Yahoo's basic SpamGuard catches 99% of the virus emails.