lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <001c01c47421$ad557c20$fc11010a@msad.brookshires.net>
From: toddtowles at brookshires.com (Todd Towles)
Subject: [ok] Possible Virus/Trojan

Hey FD,

I have seen some information about the file I received on Friday. It is
malware for sure. 

I was the only person in the company to receive it. It isn't detectable by
my up-to-date AV as of yet. Plus as we all saw this weekend it appeared to
grab news headlines. 

Some of us found this hard to believe this weekend, but then we saw MyDoom-O
slow Google on a global scale days later. Maybe the impossible is more
possible now. I will release more information on the file when I get it.

Thanks for everyone help in this manner. FYI, I have yet to see another
e-mail of this type.

-Todd

-----Original Message-----
From: full-disclosure-admin@...ts.netsys.com
[mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of Mortis
Sent: Tuesday, July 27, 2004 3:36 PM
To: full-disclosure@...ts.netsys.com
Subject: RE: [ok] [Full-Disclosure] Possible Virus/Trojan

 > I have sent it to a couple of people, maybe
 > it was just someone messing with
 > me.

Yo, Jones, thanks for the update.  I was waiting for you guys to speculate 
up whether or not that thing was a virus.  Let us know what the experts 
say.  It's fun being on the cutting edge.

Do you have an analysis for the virii on FD the past couple of weeks?  They 
are strangely similar.  It's really funny how they all come from things 
like 'theo' and 'bsd_is_kool.exe.avi.zip.ithreadbetter'.  I think these 
virii may have some from Australia, but I didn't read the headers yet or 
look at the code, so what the heck do I know?

I keep worrying that if I go past one it will infect me.  Do you know if 
Eudora is safe?  That Paul dude keeps posting scary stuff about Eudora.  I 
stopped using OE because I got infected too often.

My friends prank me all the time.  It bites.  It's hard to tell what's 
really bad and what's really not.  Sometimes they send me pron but I don't 
run it.  Next thing I know every time I click on a folder it melts or 
something.

On a personal note, my Aunt Mary got sick last week.  What have you been up 
to?

Must be good hunting down south there.  You need some bow hunters this fall?

Always looking for a foolish critter to take a whack at.  Never enough 
backstrap to go around up north here.
--
Mortis 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ