North American Network Operators Group
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Historical
Re: Hi (fwd)
- From: Matthew Sullivan
- Date: Thu Mar 18 17:10:01 2004
william(at)elan.net wrote:
FYI - if you're on windows machine DON'T TRY TO FOLLOW URL in that post
Somebody sent me a copy of the content and its vbscript that downloads an
image converts it into executable and then probably uses some bug in
microshit products to have it executed. I'm not that good with windows
scripting so whoever of the security people here wants to see it futher if
you can not get it yourself, let me know. Its possible this maybe zombie
making virus using nanog to replicate (somebody's sick joke) but possibly
its more general with other lists too. Spammers and virus writers joined
together are getting nastier and nastier.
It's another varient of Bagle...
My analysis of it is at: http://www.au.sorbs.net/virus.explain.txt -
since then Symantec has release it's more detailed explaination under
the headings for Bagle.r and Bagle.s
/ Mat
|