Welcome to WebmasterWorld Guest from 54.147.134.218

Forum Moderators: phranque

Message Too Old, No Replies

New Focus: Triple worm attack

Bropia offshoot, death photo and funny face distract from dangers.

     
10:06 pm on Feb 3, 2005 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Apr 27, 2002
posts:1685
votes: 0


[news.zdnet.com...]

Great. Just great.

The latest variant of the Bropia worm was discovered on Wednesday evening, Trend Micro said. It infects systems belonging to users of MSN Messenger by sending itself as a picture of a roast chicken with tan lines to all available or online contacts. It also releases a second more dangerous worm, called Agabot.ajc, on the infected computer.

This worm, dubbed Wurmark-F, travels as an e-mail attachment and affects systems running Microsoft Windows. When opened, it displays a photo of a man "gurning"--a British tradition of pulling silly faces.

The worm can spread via e-mail and by using the Microsoft LSASS vulnerability, the same flaw used by the Sasser worm to spread in record time. The vulnerability was reported 10 months ago, and a patch is available.

[edited by: Brett_Tabke at 10:11 pm (utc) on Feb. 3, 2005]
[edit reason] added some quotes [/edit]

1:43 am on Feb 4, 2005 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Apr 18, 2003
posts:699
votes: 0


Just out of curiosity, what's the big deal? I've been online since before 99% of people in the world had even heard of Yahoo, I work online full-time, and "use" the Internet more than 99.5% of people in the world - and my computer has *never* been infected with a virus. Use good anti-virus software, a firewall, a good backup program, some common sense, and don't worry about it.
2:09 am on Feb 4, 2005 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Apr 27, 2002
posts:1685
votes: 0


To adequately answer that question, you'd have to ask those who are not like you, since obviously that is what this thread is about.
2:10 am on Feb 4, 2005 (gmt 0)

Junior Member

10+ Year Member

joined:Jan 19, 2005
posts:63
votes: 0


Great!

Hopefully McAfee Internet Security 2005 will keep my work machine virus free

Virus Info for: W32/Bropia.worm.g
[uk.mcafee.com ]

----

Tested out AVG Free 2day, and it blew winXP up. Had to reinstall my test machine. Thank god it was my test machine! Do NOT USE AVG Free

Get AntiVir and ZoneAlarm
ZoneAlarm does Email Scanning
Your going to need protection with all these viruses around

3:43 am on Feb 4, 2005 (gmt 0)

Preferred Member from US 

10+ Year Member

joined:Nov 27, 2002
posts:410
votes: 0


The problem is many people do not wear protection!

Plan ahead folks! This will go away much faster if you do.

-Hollyweird

4:59 am on Feb 4, 2005 (gmt 0)

New User

10+ Year Member

joined:Dec 1, 2003
posts:27
votes: 0


I have been using AVG Free for years, both version 6, and now version 7, and have never had any problems. In fact the first machine I ever installed it on had a currently updated version of NAV on it, and the first scan found 2 trojans and 1 virus that NAV didn't even know was there. I have been sold on it ever since, and have even registered my own copy.
6:33 am on Feb 4, 2005 (gmt 0)

Junior Member

10+ Year Member

joined:Jan 22, 2005
posts:195
votes: 0


Suddenly that roast chicken picture I downloaded months ago isn't as funny. Fortunately no ill effects have surfaced... don't know whether to attribute it to my smattering of antivurus software or it just being a plain ol' picture.

Next, do I start having to worry about the bunny with a pancake on its head? LOL

8:30 am on Feb 4, 2005 (gmt 0)

Junior Member

10+ Year Member

joined:Aug 31, 2003
posts:196
votes: 0


The problem is many people do not wear protection!

I've been online without a virusscanner since 1995 and have never been infected. Don't allow a virusscanner to lull into a false sense of security and discard common sense...

1:53 pm on Feb 4, 2005 (gmt 0)

Preferred Member

10+ Year Member

joined:June 21, 2000
posts:626
votes: 0


As an aside...

I do lead AV administrator for our sector. I was charged with SPAM reduction. I just got a solution in place. An unsuspected benifit....if the e-mail header of the e-mail does not conform to RFC standards it gets tossed. In talking with Symantec they state over 90% of e-mail distributed viruses have....invalid headers. So before SOPHOS, which we use at the SMTP gateway, or Symantec, which we use at the desktop, have DATs/DEFs for a new strain the SPAM solution stops the new strain from even getting in our front door.

We used to get hammered with Beagle/Bagle and Sober when new variants came out. Since we put this up we had not one report of infestation.

I was very pleased.

Take care,

Brian

2:26 pm on Feb 4, 2005 (gmt 0)

Junior Member

10+ Year Member

joined:Jan 19, 2005
posts:63
votes: 0


Tested out AVG Free 2day, and it blew winXP up. Had to reinstall my test machine.

I just remembered that I had F-Secure on that machine and it doesn't like other AntiVirus software maybe that was the problem.

I have just put AVG back on the test machine and its fine, but its on winXP SP1. Need to test it on SP2.

The new AVG UI is great. (very clean design). But its not the UI I'm interested in. Can it do what its meant to do detect and remove viruses.

----

Proctection Tools for Windows

AntiVirus Software:
AntiVir [free-av.com]
AVG [free.grisoft.com]

Firewalls:
winSP2 Firewall (XP ONLY) [microsoft.com]
Sygate [smb.sygate.com]
ZoneAlarm [zonelabs.com]

2:38 pm on Feb 4, 2005 (gmt 0)

New User from US 

10+ Year Member

joined:Feb 22, 2004
posts:27
votes: 0


I have a great protection tool:

[apple.com...]

:)

2:47 pm on Feb 4, 2005 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Dec 2, 2002
posts:792
votes: 0


I've had it with MS.
I'm just going through replacing one of my webservers because they were infected by 2 worms, despite having Firewalls & AVs.
The same thing had happened to me a year back.
We took a tech decision yesterday to switch everything to PHP & Linux from IIS & ASP. It's going to be a huge investment for us and will involve many HR changes, but it's worth it.
3:29 pm on Feb 4, 2005 (gmt 0)

Full Member

10+ Year Member

joined:July 5, 2004
posts:303
votes: 0


ubuntu... my antivirus.
5:25 pm on Feb 4, 2005 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Apr 27, 2002
posts:1685
votes: 0


don't know whether to attribute it to my smattering of antivurus software or it just being a plain ol' picture.

Well, Automan Empire, maybe you need to look at this:

[ebcvg.com...]

The latest variant was discovered late Wednesday, according to TrendMicro. The virus spreads by sending itself as a picture of a roast chicken with tan lines to all available or online contacts. It also releases the Agabot.ajc virus on the infected PC. <Emphasis added by me.>
10:32 pm on Feb 4, 2005 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Apr 20, 2004
posts:1475
votes: 0


We were sick of disinfecting or rebuilding infected machines, so about a year ago I installed Sophos MMSMTP AV on our corporate (Linux) mail server.

Zero virus infections since then.

No matter how you train people, and no matter how much they want to comply with policy, human nature/curiosity is simply too powerful to overcome, in some people. They can't help themselves! They ARE a winner, dammit! They DO wonder about horny people in their area! They DESERVE a lot of money from some guy in Nigeria!

I also installed both Black Ice and Zone Alarm Pro on all of our workstations ... and have had no successful attacks of any kind since then.

These two protections save me over 20 hours per month, personally, as the machines (even though they are Win boxes) don't need checking or cleaning nearly as often, and I can limit my maintenance activities to cleaning up Win's virtual memory and defragging.

(Please note that my home Linux boxes have never had any problems of any kind for over 8 years of continuous operation, despite having no AV or trojan blockers installed.)

4:59 am on Feb 5, 2005 (gmt 0)

Junior Member

10+ Year Member

joined:Jan 22, 2005
posts:195
votes: 0


Pedanticist wrote:
Well, Automan Empire, maybe you need to look at this:

Well, it didn't appear unsolicited... I DL'd it months ago to no ill effect. It's an amusing picture; perhaps (hopefully) the worm writer later chose that image to help spread his creation, if people voluntarily sending it around does indeed spread it.

So here we have... viral virus marketing! What next under the sun?

5:16 am on Feb 5, 2005 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Apr 27, 2002
posts:1685
votes: 0


Hey, that's cool. Glad to hear you were there, uh, early. :)
2:08 am on Feb 6, 2005 (gmt 0)

Junior Member

10+ Year Member

joined:Dec 28, 2004
posts:90
votes: 0


>> I've been online without a virusscanner since 1995 and have never been infected.

never infected that you know of

No offense Zaphod, but common sense involves using antivirus software.

5:44 pm on Feb 8, 2005 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Aug 19, 2003
posts:701
votes: 0


I've installed AVG on a machine upgraded to XP service pack 2 with no worries.

I've probably installed this on 50 machines for various people - everytime I work on one, I usually talk them out of whatever they are using (if anything) and into this.

I've also, like the poster above, installed this on machines that already had 'name brand' antivirus software, and it caught several things that they missed.

I think a few of these viruses can 'undo' Norton, etc. - just like IE gets more viruses written for it because of market share, I think the same thing happens to the major antivirus companies...

5:58 pm on Feb 8, 2005 (gmt 0)

Senior Member

WebmasterWorld Senior Member rocknbil is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Nov 28, 2004
posts:7999
votes: 0


The new AVG UI is great. (very clean design). But its not the UI I'm interested in. Can it do what its meant to do detect and remove viruses.

Yes dom, it does, my sys admins have been using it for years and have converted me. Even if they start charging for updates at some point, I would prefer it over Sporton or MacAfee. I've worked with both of those products on Mac and PC platforms for over 10 years and have always had problems with them, their installations work their way down into your system and when something goes wrong, it's a mess.

Your XP-losion was probably most likely due to something like that, as you said.

 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

Featured Threads

Free SEO Tools

Hire Expert Members