also @ TechSpot: Is Apple's USB wall adapter really worth $29?

SPAM swapped for viruses in my inbox

By

On March 21, 2004, 3:40 AM EST

During the last few weeks I seem to be getting less and less SPAM in my e-mail, and this you would think is good. But when it infact get replaced by viruses it is not, especially not since the viruses are much larger per e-mail than regular SPAM e-mails.

It all started like an ordinary virus with the latter "Bagle.A" on January the 18th... fast forwarding to the current day we have "Bagle.S", yes that is 20 versions of the same Virus in 2 months! I keep track of these viruses via F-Secure's [URL=http://www.f-secure.com/weblog/]Weblog[/URL], where F-Secure antivirus staff post details on the latest viruses as they find them. These viruses install backdoors that are used for sending SPAM from the affected computers, this backdoor allows the virus writers full control over infected PC's, they can update their viruses and install software on those computers...

There have also been a new virus just released that works similarly to the old Slammer worm, this one is called Witty but only infects computers with the Black ICE software. [URL=http://xforce.iss.net/xforce/alerts/id/167]ISS Advisories[/URL]. It would seem that this indeed is starting out as the [URL=http://www.techspot.com/vb/showthread.php?s=&threadid=10145]year of the Superworm[/URL].

Related Stories

No tags on this story

10 comments

User Comments (10)

Post a comment
Shiney
on March 21, 2004
10:17 PM 		I have also noticed a large increase in viruses in my email, mainly the W32.Netsky.B@mm. Before I was only getting one a month now it's up 2+ a day :(

Reply

david5182
on March 22, 2004
10:48 AM 		Same for me.I use my business address rarely and only for business.I have never received any spam nor any viruses. Now, although it is still spamless, I get this W32.Netsky.B@mm virus about once a day.When will theses virus writers become extinct? :)

Reply

Nodsu
on March 22, 2004
11:45 AM 		[quote]When will theses virus writers become extinct?[/quote] It will happen sometime after we enforce the laws of natural selection and shoot all unknown email attachment opening/Outlook using ****** on the spot. Wiping out Microsoft and all Windows installations in the world would do the trick also. You decide which is easier :p

Reply

Per Hansson
on March 22, 2004
11:52 AM 		Nodsu; I think I would prefer both :D

Reply

SNGX1275
on March 22, 2004
2:11 PM 		My university has some antigen software or something on its end, so when all this Bagle crap came out at first it didn't catch it, but within a day everytime I'd get one it would just be the e-mail with the zip removed and replaced with a text file saying what was removed. So perhaps if ISPs would provide end filtering like my University does, the severity of this issue would be decreased substantially.

Reply

Nodsu
on March 22, 2004
2:28 PM 		The problem is that an ISP can't block password protected .zips because there are quite many legit encrypted archives moving around and in most cases the sysadmins are too stupid/too lazy/unable to define the bagle letters in spam filter rules. Not to mention that the number of spam filtering capable mail servers is even lower than than the minuscle amount of AV-enabled email gateways.

Reply

Per Hansson
on March 24, 2004
1:27 AM 		Our mailscanner at work detects viruses in encrypted e-mails.I think most large virusscanners have figured out how to do it...

Reply

Nodsu
on March 24, 2004
2:32 AM 		You mean there is an easy and efficient way to look at data inside encrypted zip files? What's the point in encrypting the damn things in the first place? :pMost likely the mailscanner just blocks all encrypted zips or it has some custom rule definition possibility where you can put in the characteristics of a virus mail and let it block those.

Reply

StormBringer
on March 24, 2004
2:50 AM 		My ISP blocks them as well, has been since right after that bagle crap, and it doesn't block all encrypted zip files.

Reply

Per Hansson
on March 24, 2004
7:18 AM 		[quote][i]Originally posted by Nodsu [/i]Most likely the mailscanner just blocks all encrypted zips or it has some custom rule definition possibility where you can put in the characteristics of a virus mail and let it block those. [/quote] No, I tried sending an encrypted virus through our mailscanner that I got to my Techspot mail and it sent back an e-mail telling me what type of virus it found inside the encrypted file...

Reply

Browse more commented news

Post a new comment

Guest user

To post as an anonymous
user click here.

Members

If you are a TechSpot member,
please login first.


By signing up you gain complete access to the TechSpot community. Join thousands of computer and technology enthusiasts that contribute and share knowledge in our forum. Post messages, get a private inbox, upload your own photo gallery and more.

Most Popular

Trending Featured
More Trending Topics

Editors' Keyboard Picks

Downloads & Drivers

Downloads   Drivers  

GMABooster 2.1a

HaoZip 2.8

Defraggler 2.10.413

The Cleaner 2012 8.1.0.1110

WinISO 6.2.0.4526

More Downloads

Related Discussion

My PC has high CPU loads a few times every couple minutes

[UDK] Critical Point - Incursion

Could it be the graphics card?

Installing Windows or repairing without CD-ROM

Compaq Presario CQ61 screen LCD cable change but not working

More at the Forums

Subscribe to TechSpot

Get free exclusive content, learn about new features and tech breaking news.