|
|
Post by PinkFloydYoshi on Apr 20, 2005 15:22:21 GMT -5
ok. Some Delphi programmer has created a program that sends out the following via messenger: 'Hey' 'It's You!' '*download link with your email address at the end*' Don't click that link. The domain at the beginning is www.photo-centrum.net. This domain has nothing on it other than a virus that sends itself to other people on your contact list. Just thought I'd raise the alarm before other people are infected. |
|
|
|
Post by Sky on Apr 20, 2005 15:32:01 GMT -5
Actually, I don't know for you, but the message I got had no apostrophy and all small letters, hence:
"hey"
"its you!"
(file)
So basically, when you're talking to someone who uses basic ponctuation marks and the such, you know... heh. Not always though.
|
|
|
|
Post by PinkFloydYoshi on Apr 20, 2005 15:51:16 GMT -5
Yeah,Thats what I got, 4 times within 3 minutes, so I'm guessing it's something that executes at a certain time.
Always ask the person what a file or link is before you download it.
|
|
|
|
Post by Jacobthehero on Apr 20, 2005 16:06:46 GMT -5
DONT DOWNLOAD THAT!!!
|
|
|
|
Post by Lazo on Apr 20, 2005 16:17:20 GMT -5
Whoah, I would'nt have known that I shouldn't download it if it weren't for those Capital Letters.
Has the sender been consistent, or does it seem to be random?
|
|
|
|
Post by Sky on Apr 20, 2005 16:18:05 GMT -5
That's exactly what we're saying, who knows what it does exactly right now, and it's better not to find out. Just be careful in what you're downloading people, like PFY said, ask before taking.
|
|
|
|
Post by PinkFloydYoshi on Apr 20, 2005 17:11:43 GMT -5
Whoah, I would'nt have known that I shouldn't download it if it weren't for those Capital Letters. Has the sender been consistent, or does it seem to be random? The sender is anyone in your MSN contact list since it's spreading using MSN. Still unsure what else it actually does. I've had it apart with resource hacker, but nothing too obvious, still, if you do not have a good firewall on your computer, and your firewall suddenly prompts to either allow access or deny access to the network to 'project 1.exe' or another name that has no icon or just looks suspicious or random, deny it. If you get this, the virus is a trojan, and is trying to contact the author of the virus to allow him/her access to your computer. Be very wary of what you accept. |
|
|
|
Post by Soul on Apr 21, 2005 1:42:55 GMT -5
That sounds like a version of the Kelvir virus. I just wanted to note that this is far from being the first virus that spreads via msn messenger using social engineering tactics. For example, there was an old one called supova (symantec name = W32.Supova.Worm) which spread through messenger and also through KaZaA. There are lots of viruses that spread via multiple methods, be it email, filesharing, instant messaging, etc... The tip here is, first, people should get service pack 2 (if they have Windows LEVEL UP ! !). It gives much greater control over what is allowed to run and what is not. Second, users should get informed about how viruses spread and how they work (aka know your enemy). If they skip this step, they will never be prepared to defend themselves against ALL viruses since they are always using newer, different infection techniques. |
|
|
|
Post by goldyoshi on Apr 21, 2005 14:09:07 GMT -5
Yeah,Thats what I got, 4 times within 3 minutes, so I'm guessing it's something that executes at a certain time. Always ask the person what a file or link is before you download it. I think i'am lucky 'casue i did not get it,and i hope i don't!  |
|
yosivictor2004
New Yoshi
Did you know this username i also use on www.neopets.com
Posts: 60
|
Post by yosivictor2004 on Apr 23, 2005 19:33:22 GMT -5
wath is the massge
|
|
Daxxe
Yoshi
The Dalecarlian Yoshi SERR?!
Posts: 216
|
Post by Daxxe on Apr 24, 2005 21:19:32 GMT -5
when I chatted today with one of my friends we both got "dancin' banana links" without reazzones . Well, we didn't push that button but ho knows what it would happend if we did...aaar D8
|
|
