[Peace-discuss] Fwd:FW: Virus Warning from Devon-Please read and send

jencart jencart at mycidco.com
Fri Feb 3 13:35:57 CST 2006 

Friends -- This just in from a dance friend via her sister in CA....for what it's worth.  

Jenifer C.
--------------------------------------------------------------
Hi all,
I was just running my LiveUpdate and my virus scan (since the local news said there was a virus coming on Friday), when I got this note from my sister.  Pass it along to anyone you think of.
Love, Mary

Mary D. Cattell
"I arise in the morning torn between a desire to improve the world and a desire to enjoy the world.  This makes it hard to plan the day." -E.B.White
 
 -----Original Message-----
From: Devon Cattell [mailto:devon at cattell.net] 
Sent: Wednesday, February 01, 2006 8:15 PM
To: devon at cattell.net
Subject: Warning from Devon-Please read and send out ASAP




THIS IS not humor - I have checked it at SNOPES.COM


Emails with pictures of Osama Bin-Laden hanged are being sent and the moment that you open these emails your computer will crash and you will not 
be able to fix it!

This e-mail is being distributed through countries around the globe, but mainly in the US and Israel.

If you get an email along the lines of "Osama bin Laden Captured" or "Osama Hanged" don't open the attachment.

Confirmed at:  http://www.snopes.com/computer/virus/osamahanged.asp

Origins: There are few headlines that would grab the attention of more computer users around the world than "Osama bin Laden Captured," and that's exactly what whoever created this lure was counting on to snare unsuspecting victims who use Microsoft platforms.

"Osama bin Laden Captured" isn't a virus in itself; it's the text of a message that includes a link to a file called EXPLOIT.EXE. When a message recipient clicks on this link to view what he thinks are pictures of Osama bin Laden's capture, he can end up downloading an executable Trojan known as Backdoor-AZU, BKDR_LARSLP.A, Download.Trojan,

TrojanProxy.Win32.Small.b,or Win32.Slarp. Clicking the embedded link in the 
"Osama bin Laden Captured" message auto-executes a file called  "EXPLOIT.EXE," which exploit s a known security hole to download the  Trojan. According to McAfee Security:

The Trojan opens a random port on the victim's machine. It sends the Port information to a webpage at IP address 66.139.77.145. The Trojan listens on the open port for instructions and redirects traffic to other IP addresses. Spammers and hackers can take advantage of compromised systems by using the infected computer as a middleman, allowing them to pass information through it and remain anonymous

More information about the Peace-discuss mailing list