New virus

Jose G. Perez jgperez at SPAMnetzero.net
Fri May 19 07:56:50 MDT 2000


CNN is reporting a new virus this morning, apparently derived from the I
LOVE YOU "love bug" of a couple of weeks ago.

This is a lot more damaging and a little bit more sophisticated: it
completely erases all files on your hard drive not currently being used by
the computer and automatically extracts a new name for itself from what it
finds in your computer when it sends itself on.

    So far the only recommendation seems to be: Do not click on attached
files, and especially not ones with the extension (last three letters)
".vbs" (or anything else executable, such as .com,  .exe and .bat).

    The virus seems to be spreading more slowly than I Love You (obviously
people are being more wary) but given the deadliness of the payload, extreme
care is called for.

    I am enclosing with this email an attachment "Fake Virus.txt.vbs" so
people can see what the visual basic script (vbs) icon looks like and also
to point to another flaw. If you have file extensions turned off (the
default in many windows 95/98 installations) what you're going to see if
"Fake Virus.txt," and you'll say, oh its just an innocent text file and
double click on it. My file has no content. But a REAL virus would execute.
And you cannot necessarily trust the icon, either.

    Yep, among the countless security flaws (did I say flaws? I meant
ease-of-use features) the "geniuses" at Microsoft built in is this ability
to disguise one kind of file as another. Comes in especially handy in
attacking systems which have absolutely no built-in security capabilities,
such as Win 95/98.

    There is speculation that what is going on now is that some immature or
perverse would-be hackers, looking at microsoft's limp response to the
warnings about the security flaws in Windows 95/98 and associated programs,
may be adopting a scorched-earth policy, and are determined to "nuke," so to
speak, the win 95/98 world.

José



Fake Virus.txt.vbs



More information about the Marxism mailing list