lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <1078829651.23556.87.camel@adesk>
From: full-disclosure at illuminated.nl (Aschwin Wesselius)
Subject: Has anyone seen this in their e-mail

On Tue, 2004-03-09 at 01:44, Edward W. Ray wrote:
> This e-mail was addressed to my mail server.  It even looked 
> authentic, but since my mail server never sends me zip attachments I 
> thought it strange.
> 
> Please be careful when opening.  The zip file contains an executable,
> and I would assume it is some kind of virus or worm.
> 
> Has anyone else seen something similar?
> 
> Regards,
> 
> Edward W. Ray
> 

Yeah, this looks like one I've got yesterday too. 

The message was different and even the password was different (clever
virus-writer huh). I bet it is a Bagle.Gen-zippwd (who gives them names
actually?) sort of worm, but am not sure. 

I dare not to open it at all. At least my ClamAssassin fetched it and
sorted it into my Virus folder. This means that ClamAV (for Linux)
recognizes it as a worm/virus

Kind regards,

Aschwin Wesselius

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ