[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <001601c472bd$18af65f0$b913400a@msad.brookshires.net>
From: toddtowles at brookshires.com (Todd Towles)
Subject: [ok] Possible Virus/Trojan
I would say that the latter is the more likely, but the message came from a
hotmail account. Doesn't hotmail check attachments? I didn't look at the
headers really so spoofing is possible. I am getting a copy to a research
company so I can get some more answers maybe.
-----Original Message-----
From: Curt Purdy [mailto:purdy@...man.com]
Sent: Sunday, July 25, 2004 2:07 PM
To: 'Todd Towles'; 'Mailing List - Full-Disclosure'
Subject: RE: [ok] [Full-Disclosure] Possible Virus/Trojan
Todd Towles wrote:
> I received an e-mail today that looked very much like a virus. Here is the
message
>
> Attachment - erupts.avi.exe
>
> Subject - New Southern California wildfire erupts
<snip> .
>
> Either this is a new Trojan that changes it body and subject based on the
current AP news or someone used a very lame trick against me. =)
I'm guessing the latter. Although story scraping would be possible,
intellegent naming of the .exe would not be. Most likely a friend... or
enemy.
Curt Purdy CISSP, GSEC, MCSE+I, CNE, CCDA
Information Security Engineer
DP Solutions
----------------------------------------
If you spend more on coffee than on IT security, you will be hacked.
What's more, you deserve to be hacked.
-- former White House cybersecurity adviser Richard Clarke
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20040725/f4430e97/attachment.html
Powered by blists - more mailing lists