virus

Jan. 27th, 2004 08:32 am
[personal profile] egypturnash
Hey, if you run Windows and have my email address in your mailer, you should check your system for viruses. I've been getting a lot of bounce mail the past few days, all claiming to be for e-mail with innocuous subjects like "test" and containing some kind of little attachment that sure smells like Windows virus to me.

Is it just me, or is sending back the entire e-mail, including binary attachments, really stupid in this day and age of virii that eat Outlook alive in its default configuration? If I was using Windows Open Sore E-Mail, I'd probably be catching the stupid virus from these bounces.

Date: 2004-01-27 08:51 am (UTC)
From: [identity profile] nigel.livejournal.com
I think that's the new "Novarg" virus that's going around. It's designed to attack the SCO (http://news.com.com/2100-7349_3-5147605.html?tag=nefd_lede) on Feb. 1st. I haven't gotten one yet, but I've talked to some people today that are getting dozens of them already.

Date: 2004-01-27 09:13 am (UTC)
From: [identity profile] shatterstripes.livejournal.com
Oh, okay. So they're faux bounce messages? Yay. I got like ten of them when I turned on my machine this morning. Good thing I use a Mac.

<grumpy>Every time some section of the people who have my e-mail address gets a virus, I wonder annoyedly: why the hell hasn't some pissed-off programmer grabbed the infection mechanisms of a few of these things, and written one whose post-spread payload is to close as many of these stupid security-hole-by-default settings? Geez. I'd like to go to Microsoft and find whatever moron thought letting a mail program execute arbitrary data sent from the net was a good idea.</grumpy>

Date: 2004-01-27 10:24 am (UTC)
From: [identity profile] alinsa.livejournal.com
Nobody's fixed the security-hole-by-default problems because... these aren't caused by security holes. They're caused by users getting executables (or in one of the recent cases, a zip file) in email, and then executing them. It's pure user-unawareness and social-engineering.

Windows happens to be the popular platform, so it gets most of the exploits, but the same thing would work on my Solaris box (using kmail), and I'll bet even MacOS X lets you open email attachments...


Date: 2004-01-27 10:48 am (UTC)
From: [identity profile] shatterstripes.livejournal.com
I thought most of them these days were clever hacks that auto-executed without you launching them? *shrug*

And yeah, you probably could make one that spread via social engineering that worked on the Mac. I'm not sure how locked-down Mail is by default...

Date: 2004-01-27 10:52 am (UTC)
From: [identity profile] alinsa.livejournal.com
There were a few a good long while back that found bugs and the like in Outlook [Express] to automatically execute, but those are long since gone. Strangely, these things have been getting simpler as time goes on, and the last few batches (for at least the past year or so) have all been "here, click on this" and pretty much completely rely on the receiving user to willingly open the attachment to do their dirty work.

Scary, isn't it?

Date: 2004-01-27 11:29 am (UTC)
From: [identity profile] shatterstripes.livejournal.com
*sighhhh* Yes, it is.

Well, I'll put away the hope of a subtle, geek solution, then.

Date: 2004-01-27 01:34 pm (UTC)
From: [identity profile] lediva.livejournal.com
Someone tried... I can't remember the name, but it was in response to the Blaster worm. The fix-it worm ended up creating more traffic than the original.

Not saying it can't be done, mind you. But it'd take a good bit more skill.

Date: 2004-01-27 09:16 am (UTC)
From: [identity profile] pseudomanitou.livejournal.com
I use a Mac also - but just in case - since it seems like too many of these virus things depend on bookmarks and such to spread, I just keep a separate list in simple text of all e-mail contacts. Just seems like a smart thing to do.

Date: 2004-01-27 10:10 am (UTC)
From: [identity profile] wootsauce.livejournal.com
I'm getting about eight thousand of them, too. If I had just gotten one, I might have opened it, but the 10,000 "I swear your mail bounced!" letters make them seem a little desperate.

Mea culpa

Date: 2004-01-27 10:34 am (UTC)
From: [identity profile] amilori.livejournal.com
I opened Outlook (it's what this computer can handle) this morning, saw that it was trying to send an email & shut down. Ran virus detection, found nothing, re-opened, saw it trying to send again & shut down again. We're installing new anti-virus software & upgrades tonight when Matthew gets home. Wish me luck.

Re: Mea culpa

Date: 2004-01-27 10:51 am (UTC)
From: [identity profile] shatterstripes.livejournal.com
Oh, I don't think it's just you. I started getting them while you were probably at FC!

But good luck!

Date: 2004-01-27 11:49 am (UTC)
From: [identity profile] kamenkyote.livejournal.com
Eh, I'm getting them, too. Usually I don't give a crap about these things, but the whole fake mailer daemon thing is annoying even to us Mac folks as there's no way to know if it isn't a real bounced message. :P

And Macs are not immune. My old 6300 had an annoying worm on it for a while. All it did was make the hard drive spin for 30 seconds every half hour, but I was lucky. The only reason we're protected is because there's too few of us to bother with. I'm sure someone will write one soon enough and we'll all be laughed at.

But I'm still on OS9....

-T'

Date: 2004-01-27 12:21 pm (UTC)
From: [identity profile] mandrill.livejournal.com
It's times like these that make me glad I only deal with email on my Mac.

Date: 2004-01-27 12:43 pm (UTC)
From: [identity profile] nigel.livejournal.com
While I'm not an anti-MS zealot, I've found that the best security measure (outside of a good AV program) related to viruses is to simply use an email program other than Outlook/Outlook Express. I'm stuck with Outlook at work, but at home I generally use The Bat! or Thunderbird, depending on which machine I'm using at the time. I like them both a lot better anyway.

Since most email viruses these days are engineered to exploit holes in Outlook programs, removing Outlook from the equation will make the attachments or scripts relatively harmless most of the time. It's certainly not a replacement for an anti-virus program, but it's a nice added layer to your security set-up.

Profile

egypturnash: (Default)
Margaret Trauth
