PlanetZ forums - scopeusers.com

Morning folks

I got two "unusually crafted" viruses in my inbox this morning:

1.

From: webmaster@creamware.de

Subject: Re: Document

Text: "Your document is attached"

(.pif file attached)


2.

From: salesusa@sonictimeworks.com

Subject: Re: Excel file

Text: "Please read the attached file"

(.pif file attached)

I don't think it's coincidence that I've visited these sites recently...that's pretty sophisticated virus generation & targetting!

Maybe CW & ST should be informed of this?

Anyway - watch out for 'em!

Royston

that webmaster @ somewhere (or known adress from business contacts) *.pif stuff is rather common here for a month now.
Nothing sophisticated, just the usual mail worm if I remember right.
Anyone with a mailserver can fake arbitrary mail adresses. It's annoying though

cheers, Tom
ps: I love those mails on the Mac - it doesn't execute any sh*t just because of 3 letters


<font size=-1>[ This Message was edited by: astroman on 2004-04-21 05:05 ]</font>

I've got another problem. With mails containing gibberish like

long flat you wood glove skirt science produce theory cat regular who regular send government back conscious religion fly rice

Please Wait..Image Loading If image fails to load cl-ick here [IMAGE]

so song fire let note quite cloth on black so full worm broken front high like building business building instrument recordreg destruction sponge snow high company structure you existence page reward mass stage adjustment where some boy burst hanging cork tree chain parcel any loud yellow true angle nation level taste prison broken recordreg kick memory surpri roll medical number same cushion bath when powder animal shoe selection old not glove male right

BTW can you imagine creating such bulls**t? Or an engine to produce such stupid things? Imagine a person who starts to think: "ok, let's prepare a kind of e-mail that contain random words, it will be fun, hehe"
Somebody prepares such sh*t

_________________
Sir Sam Plaire Scopernicus

<font size=-1>[ This Message was edited by: samplaire on 2004-04-21 05:17 ]</font>

Ahh! Now I see - the portion with "picture loading" is the answer! The link is very sophisticated, I mean it's not plain html and it probably leads to something but a picture (no .jpg, gif nor anything similar as the suffix)

On 2004-04-21 05:04, astroman wrote:
that webmaster @ somewhere (or known adress from business contacts) *.pif stuff is rather common here for a month now.
Nothing sophisticated, just the usual mail worm if I remember right.
Anyone with a mailserver can fake arbitrary mail adresses. It's annoying though

I receive such type of e-mails, too. Funny, but the bots send us e-mails from servers we may be interested in.

ps: I love those mails on the Mac - it doesn't execute any sh*t just because of 3 letters

astroman wrote:

Nothing sophisticated, just the usual mail worm if I remember right.
Anyone with a mailserver can fake arbitrary mail adresses. It's annoying though

Well, I didn't give SonicT my email address e.g. in a web-form. There's something going on here that's more than arbitrary, I think.

I did send them a couple of emails recently about the 'rapid system degredation' stuff to do with using their 'ReverbX' demo.

Perhaps their mail server has a virus/trojan?

As for the Creamware.de one...well Creamware would have my details on record, but I would n't have thought that they would be in a place where a robot could trawl them.

I'm doing come investigation into this - it's bloody annoying.

@ Samplaire: mad isn't it! At least e.g. the Nigerian Scam has a purpose. I can't understand emails being generated which are complete gibberish.

I'd give a large sum of money for the pleasure of meeting one or two of these spammers I'd be interested in seeing how many QWERTY keyboards they're capable of eating at once.

Royston

I'd be interested in seeing how many QWERTY keyboards they're capable of eating at once.
Royston

If you meet one, please, feed him with at least one QWERTZ keyboard

_________________
Sir Sam Plaire Scopernicus

<font size=-1>[ This Message was edited by: samplaire on 2004-04-21 05:58 ]</font>

A friend at work has pointed out that e.g. somebody on Sonic Timework's mailing list could have a virus - so they get a mail from them which has gone out to lots of people (including yours truly), and then the virus picks up on this and sends me a 'mail from 'Sonic Timeworks'.

It's not beyond the realms of possibility that the companies thenmselves have a virus, though.

I was going to have a good look at the headers, but I instantly delected the mails.

Royston

i get those stuff also since one or two months, from wellknown adresses indeed.
No problem on mac, but it IS annoying.
And what about this one:
Hubert Dols, enlarge your penis with at least 3"!!!, in full colour capitals!
Useless, mine IS already 20"

I curious if the bots distingish male/female ???

"Monica X, enlarge your penis with 3"

I've received similar stuff from CW and many other companies. I seem to get a lot of stuff from Poland for some odd reason. There are some nasty viruses floating around and I'm getting hit from all sides. I must get between 20 and 30 virus infected emails a day. I even get error messages from servers saying my email didn't go through so somehow these viruses are relicating my email address even through they didn't originate from me.

Luckily, my email provider has a very nice filter for this stuff so I see less than 1% of it actually getting through. And I keep my virus protection up to date.

On 2004-04-21 09:10, krizrox wrote:
I even get error messages from servers saying my email didn't go through so somehow these viruses are relicating my email address even through they didn't originate from me.

Me too! I even got an e-mail from John Cooper asking me to stop spamming his acoount

One of my e-mail accounts has got a filter, too but it gets even worse for the reason! I get 2 e-mails - one with a virus (or with an ampty file, erased by the server) and a server message saying there was a virus in an incoming e-mail. That doubles the e-mail flood!

On 2004-04-21 05:15, samplaire wrote:
I've got another problem. With mails containing gibberish like

long flat you wood glove skirt science produce theory cat regular who regular send government back conscious religion fly rice
...
BTW can you imagine creating such bulls**t? Or an engine to produce such stupid things? Imagine a person who starts to think: "ok, let's prepare a kind of e-mail that contain random words, it will be fun, hehe"
Somebody prepares such sh*t ...

it's not as stupid as it reads - for us, not for a machine
spam filters apply strategies calculating statistical distribution of relevant words, like the enlargement and better sex suggestions or viagralium.
Now if a text provides a fair amount of 'non' hot, regular words the (filter-)machine considers this a valid mail

the mails are of course generated by a program and that has at least some sophistication, though it's fairly easy with appropriate tools.

anyway - the sh*t causes so much attention that I'd consider it a public offence - it should be treated as a crime.
It has nothing to do with fair market chances or whatever.
If someone posts a highly political offence in an arbitrary message board it doesn't even need a legal procedure and the boys in black ring to capture the person in question including any online gear involved

cheers, Tom

Clever! I mean the thing about percentage of dirty (or just sex oriented) words!

I agree with you, Tom, but I think it's a plague and it's difficult to find the source, the nest of the garbage. Difficult to fight with it! Have you ever played Diablo II? There is a large amount of such nests, feh!! OOOO, disgusting

<font size=-1>[ This Message was edited by: samplaire on 2004-04-21 16:00 ]</font>

As well as most of the content being pretty offensive, spam, viruses etc. also munch up a massive slab of WWW bandwidth

Without that crap, people would have a usable network!

Royston

you're probably right, but

it makes telecoms sell higher bandwidth
generates jobs in service and support departements
founded a new industry selling 'anti' stuff
it's used to justify increasing network control

looks like there's a method behind this
not amuzed, Tom

<font size=-1>[ This Message was edited by: astroman on 2004-04-22 06:57 ]</font>

...if we all were happy, young, physically psycologically and mentaly healthy and handsome, THEN WHO WOULD NEED any doctors, pcychiatrists, clerks, beauty medicines, diet institutes, gyms etc etc? All these people would be un-employed!!!

BUT THEN all these un-employed people would be unhappy, would eat and drink a lot to forget their pain, they would get fat, mentally unstable etc etc.. And this would lead to THE NEED of all those people above to cure them!!!...

Conclusion, all this stuff is un-avoidable... But that doesnt mean that one should not strive to improve things (or should it?...)

P.S. my OT philosophical questions again... sorry!

P.S.2. BTW, I get everyday at least 3 emails titled "Elene, Some Important Information for you" which have a virus... Not to mention, all that viagra, xanax, pennis enlargement bullsh*t... Makes me not to want to open my email..

<font size=-1>[ This Message was edited by: rodos1979 on 2004-04-22 07:43 ]</font>

On 2004-04-22 06:54, astroman wrote:
looks like there's a method behind this
not amuzed, Tom

Cabal!

No doubt, CWA has some enemies. Those doing harm, don't want to realise they are going to ripe what they sow. The universe is alive, and all you do will come back to you. If you do well, you're get good results, if you do evil, you're going to suffer the consequenses, this is the Law.

On 2004-04-23 01:42, Nestor wrote:
If you do well, you're get good results, if you do evil, you're going to suffer the consequenses, this is the Law.

too biblish to me.
'suffer the consequences', is that 'burn in hell'?