here for more:

http://asia.cnn.com/2001/BUSINESS/asia/07/20/hk.codered/


We had computers behind solid firewalls get hacked by this worm late last week.

MS products have security holes? Say it ain't so!! ;)

I recieved a trojan horse virus attached to an email today. My virus protection software caught it and quarantined it but could not clean it. I emailed the sender back but big surprise, the email was undeliverable.

subject: xak-cftp

message: Hi! How are you?
I send you this file in order to have your advice
See you later. Thanks

attachment: xak-cftp.zip (145kb)

Regards,
Kevin

I get that virus LITERALLY 15-20 times daily, in both English and spanish:

Hola como estas ?

Te mando este archivo para que me des tu punto de vista

Nos vemos pronto, gracias.

The biggest annoyance is sitting through 3 megs of virus downloads before i can get my mail.

I guess the difference was that our hack wasn't by email-but rather through IIS.

I have never got an e-mail virus. I don't know many people online you see.

I got it sent to me again today, same everything except this time it was morpheus.zip

What a pain in the butt.

Kevin

Name: Pixelmonkey virus

Warhead: SPAM and wrench throwing

Characterisics: Spreads in the SPAM box, your speakers make an ape noise, you post more SPAM, send a PM, quote some one, repeat ad lib

anyone had it?

LOL....Now I know why I stay out of the SPAM box..... :D

Kevin

I've just received Kevin's virus:


Sent to me by 'Mathieu Chiasson (chiassonm@hotmail.com)'

Hi! How are you?

I send you this file in order to have your advice

See you later. Thanks



Attached: arvelas.zip.pif

I got a couple the other day. I have a hosting company and some people send me stuff like this:
Hi I was looking at you packages. Please tell me if you support the features in the attachment. And the files is named something like features.doc.bat
I hate these viruses. But many people that send these have no idea they did. Some viruses attach to your e-mail and every mail you send out has this attachment.
Paul

Originally posted by hacker
I got a couple the other day. I have a hosting company and some people send me stuff like this:
Hi I was looking at you packages. Please tell me if you support the features in the attachment. And the files is named something like features.doc.bat
I hate these viruses. But many people that send these have no idea they did. Some viruses attach to your e-mail and every mail you send out has this attachment.
Paul

That would be nasty. :eek:

Originally posted by kevin
I recieved a trojan horse virus attached to an email today. My virus protection software caught it and quarantined it but could not clean it. I emailed the sender back but big surprise, the email was undeliverable.

subject: xak-cftp

message: Hi! How are you?
I send you this file in order to have your advice
See you later. Thanks

attachment: xak-cftp.zip (145kb)

I got that a few minutes ago.

You opened the attachment? I just hit my old, trusty DELETE key.

Whenever I get an attached file with a .exe ending or a strange ending from someone I don't know I imeadiateley delete it.

Keyboard keys obselete? Has anyone ever pushed the "Pause/Break" key? The last time I used it was to stop a QBasic program 5 years ago, is it still used?

Originally posted by prodeveloping


I got that a few minutes ago.

You opened the attachment? I just hit my old, trusty DELETE key.

No I didn't open the attachment. My Virus program put it in quarantine and I deleted it from there. I'm in the middle of recieving the virus again right now.

Kevin

I've been lucky so far - haven't gotten it yet.

More info here:

http://www.antivirus.com/vinfo/virusencyclo/default5.asp?VName=CODERED.A

Originally posted by myself
I got that a few minutes ago.

I got it again a few minues after I posted this yesterday!

The properties of the e-mails I got are as follows:
----------------------------------------------
Recieved From (address blocked out in outlook):

femail3.rdc1.on.home.com
----------------------------------------------
Message:

Hi! How are you?

I send you this file in order to have your advice

See you later. Thanks
----------------------------------------------
Properties:

Return-Path: <>
Delivered-To: me@mydomain.com
Received: (qmail 10748 invoked from network); 22 Jul 2001 20:58:53 -0000
Received: from femail3.rdc1.on.home.com (24.2.9.90)
by mail.mc.net with SMTP; 22 Jul 2001 20:58:53 -0000
Received: from CR27380-C.lndn1.on.wave.home.com ([24.102.46.142])
by femail3.rdc1.on.home.com
(InterMail vM.4.01.03.20 201-229-121-120-20010223) with SMTP
id <20010722205822.ZMWC23853.femail3.rdc1.on.home.com@CR27380-C.lndn1.on.wave.home.com>
for <me@mydomain.com>; Sun, 22 Jul 2001 13:58:22 -0700
From:
To: me@mydomain.com
Subject: =?ISO-8859-1?Q?The=5FFive=5FKeys=5FDepression=5FRating=5FScale=5Fws=5F301?=
date: Sun, 22 Jul 2001 17:00:28 -0400
MIME-Version: 1.0
X-MIMEOLE: Produced By Microsoft MimeOLE V5.50.4133.2400
X-Mailer: Microsoft Outlook Express 5.50.4133.2400
Content-Type: multipart/mixed; boundary="----2EDECFC4_Outlook_Express_message_boundary"
Content-Disposition: Multipart message
Message-Id: <20010722205822.ZMWC23853.femail3.rdc1.on.home.com@CR27380-C.lndn1.on.wave.home.com>
X-Spam-Rating: mail.mydomain.com 1.6.1 0/1000/N

Me too, three times in one day from the same server. I emailed help at the server I'm getting the virus from and it was returned because the mail box was full, they are probably getting thousands of angry emails!

Kevin

Probably.

Originally posted by kevin
I emailed help at the server I'm getting the virus from and it was returned because the mail box was full, they are probably getting thousands of angry emails!

Just like the guys at the Microsoft and AOHELL support centres!

touch wood ..............it sounds as though they are bad for business i would delete anything that i didnt send for.............

Got it again today from a different server..... :(

Kevin

I keep on getting the same virus about 3 times a day now. Boy its a major pain.

Name: whkoh.variantB
Warhead: nothing, he is so innocent (quote from Goldi)
Characteristics: posts very useful link lists and is the most useful member of the board :D

Name: cfhosting
Warhead: never leaves
Characteristics: do I need to say?

:D

Originally posted by cloud9
Name: whkoh.variantB
Warhead: nothing, he is so innocent (quote from Goldi)
Characteristics: posts very useful link lists and is the most useful member of the board :D

Name: cfhosting
Warhead: never leaves
Characteristics: do I need to say?

:D

LOL :D

It could be worse, at least none of us have ever got this virus:

http://www.acommunity.net/humour/virusalert.html

Originally posted by Dave Swift
It could be worse, at least none of us have ever got this virus:

http://www.acommunity.net/humour/virusalert.html in there: " It will replace all your luncheon meat with Spam. " :D

Name: Goldi virus
Warhead: Gets you going mad through love
Characteristics: Is very friendly, welcomes new members, gets you kicked out of :monkey: 's tree, and overuses the :)

Name: htmlgirl virus.............
Warhead: your decimal point (.) key becomes very sticky instantly .................
Characteristics: floats about the board complementing the members.

Name: cloud9
Warhead:_____________________________
Characteristics:_________________________________

Originally posted by cloud9
Name: Goldi virus
Warhead: Gets you going mad through love
Characteristics: Is very friendly, welcomes new members, gets you kicked out of :monkey: 's tree, and overuses the :) :D

Originally posted by cloud9
Name: htmlgirl virus.............
Warhead: your decimal point (.) key becomes very sticky instantly .................
Characteristics: floats about the board complementing the members.
Originally posted by cloud9
Name: cloud9
Warhead:_____________________________
Characteristics:_________________________________
:D

Originally posted by Mark


:D

no...............really....................it's.............not..................funny..........:D

Originally posted by cloud9
Name: cloud9
Warhead:_____________________________
Characteristics:_________________________________


any takers?

Name: Dave Swift Damn! virus
Warhead: getting you sent to his website (sorry in advance )
Characteristics: Damn! and other words used, posts his full address details in his ICQ profile, blaims the monkey, trusts the :monkey: (:monkey = bad)

I received some of those emails with encoded junk...and it asked for me to give advice. It kept trying to get me to download when I hit reply.

So...I copied the addy and emailed something like this:

You sent me an email that is encoded. Sorry, I never download emails...if you have a message for me, send it via normal typed email.

LOL LOL

Never realized it was trying to give me a virus! LOL LOL

I read the emails online and delete or respond from there.

What a drag! Why do folks do these things?? Perhaps it is "because they can"?? Childish and quite costly for some of the recipients.

Wendy

PS...I am still receiving lots of those emails and from different servers and with different names as senders. I just delete 'em!

Originally posted by cloud9
Warhead: getting you sent to his website (sorry in advance )

?!?!?

Originally posted by Wendy
I received some of those emails with encoded junk...and it asked for me to give advice. It kept trying to get me to download when I hit reply.

So...I copied the addy and emailed something like this:

You sent me an email that is encoded. Sorry, I never download emails...if you have a message for me, send it via normal typed email.

LOL LOL

Never realized it was trying to give me a virus! LOL LOL

I read the emails online and delete or respond from there.

What a drag! Why do folks do these things?? Perhaps it is "because they can"?? Childish and quite costly for some of the recipients.

Wendy

PS...I am still receiving lots of those emails and from different servers and with different names as senders. I just delete 'em!

it's happening here now too! as for another buisness known... they actually shut down their mail server for a 24 hour period to get it to STOP or atleast slow down.

something like 40 of them in the e-mail this morning!
chris<pixelmonkey>:monkey:

I was sent to me once. I immediately delted it and haven't seen it since. I very sledom open attachments. And never from someone not known to me. If I wonder about an attachment I will sometimes email the sender (if I know them) to verify its authenticity.

I have just this second received this virus. The attachment was automatically deleted by our virus protection system though.

Originally posted by Goldilocks
I have just this second received this virus. The attachment was automatically deleted by our virus protection system though.

:( That takes all of the fun out of having a virus :D

I'm still getting it 2-3 times a day. Starting to come from many different servers too. I guess it infects the SMTP server and starts sending out emails to all recipients? Has no payload, just meant to be a nuisance, which it is.

Kevin

I've been getting sent the same virus from different sources for the last 3-4 days, this morning when I checked my mail, I had 7 of them. nice huh...gggrrrr