
E-mail warning.

Discussion in 'Security and Privacy' started by jaylach, 2005/08/17.

  1. 2005/08/17
    jaylach

    Warning = it's real & confirmed.

    Emails with pictures of Osama Bin-Laden hanged are being sent and the
    moment that you open these emails your computer will crash.


    This e-mail is being distributed through countries around the globe, but
    mainly in the US and Israel.

    Confirmed at: http://www.snopes.com/computer/virus/osama.asp

    Origins: There are few headlines that would grab the attention of more
    computer users around the world than "Osama bin Laden Captured," and
    that's exactly what whoever created this lure was counting on to snare
    unsuspecting victims who use Microsoft platforms.

    "Osama bin Laden Captured" isn't a virus in itself; it's the text of a
    message that includes a link to a file called EXPLOIT.EXE. When a
    message recipient clicks on this link to view what he thinks are
    pictures of Osama bin Laden's capture, he can end up downloading an
    executable Trojan known as Backdoor-AZU, BKDR_LARSLP.A, Download.Trojan,
    TrojanProxy.Win32.Small.b, or Win32.Slarp. Clicking the embedded link in
    the "Osama bin Laden Captured" message auto-executes a file called
    "EXPLOIT.EXE," which exploits a known security hole to download the
    Trojan. According to McAfee Security:


    The Trojan opens a random port on the victim's machine. It sends the
    Port information to a webpage at IP address 66.139.77.145. The Trojan
    listens on the open port for instructions and redirects traffic to other
    IP addresses. Spammers and hackers can take advantage of compromised
    systems by using the infected computer as a middleman, allowing them to
    pass information through it and remain anonymous.
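
The behaviour in the McAfee description above (an infected host reports to 66.139.77.145, then accepts connections on the port it opened) can be looked for in flow logs. This is an added example, not part of the original posts; the log format, the 192.168.0.0/16 LAN range and the sample records are constructed assumptions.

```python
import ipaddress

REPORT_IP = ipaddress.ip_address("66.139.77.145")  # address quoted in the post
LAN = ipaddress.ip_network("192.168.0.0/16")       # assumption: internal range

# Constructed flow records (not real traffic): "epoch src sport dst dport"
SAMPLE_FLOWS = """\
1124280000 192.168.1.20 1045 66.139.77.145 80
1124280030 203.0.113.9 40222 192.168.1.20 23871
1124280045 203.0.113.9 40223 192.168.1.20 23871
1124280100 192.168.1.31 1050 198.51.100.7 80
1124280200 203.0.113.9 40300 192.168.1.31 3389
1124280300 192.168.1.44 1061 66.139.77.145 80
x 192.168.1.20 1 2 3
"""

def parse_flows(text):
    """Yield (ts, src, sport, dst, dport) tuples, skipping malformed lines."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 5:
            continue
        try:
            yield (int(parts[0]), ipaddress.ip_address(parts[1]), int(parts[2]),
                   ipaddress.ip_address(parts[3]), int(parts[4]))
        except ValueError:
            continue

def find_suspect_hosts(text):
    """Map internal host -> {'beacon': ts, 'inbound': [(ts, src, dport), ...]}.

    A host becomes a suspect when it contacts REPORT_IP. Connections from
    outside the LAN to that host after the contact are recorded, since the
    description says the Trojan then listens on the port it reported.
    """
    flows = sorted(parse_flows(text), key=lambda f: f[0])
    suspects = {}
    for ts, src, _sport, dst, dport in flows:
        if src in LAN and dst == REPORT_IP:
            suspects.setdefault(str(src), {"beacon": ts, "inbound": []})
        elif dst in LAN and src not in LAN and str(dst) in suspects:
            suspects[str(dst)]["inbound"].append((ts, str(src), dport))
    return suspects

if __name__ == "__main__":
    for host, info in find_suspect_hosts(SAMPLE_FLOWS).items():
        state = "beacon + inbound traffic" if info["inbound"] else "beacon only"
        print(host, state, info)
```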
     
  2. 2005/08/19
    markp62

    An interesting note to this is the IP address resolves to what appears to be a customer DSL line, real near to where I live.

    OrgName: SBC Internet Services - Southwest
    OrgID: SBIS
    Address: 2701 W 15th St PMB 236
    City: Plano
    StateProv: TX
    PostalCode: 75075
    Country: US

    NetRange: 66.136.0.0 - 66.143.255.255
    CIDR: 66.136.0.0/13
    NetName: SBIS-SBIS-5BLK
    NetHandle: NET-66-136-0-0-1
    Parent: NET-66-0-0-0-0
    NetType: Direct Allocation
    NameServer: NS1.SWBELL.NET
    NameServer: NS2.SWBELL.NET
    Comment: ADDRESSES WITHIN THIS BLOCK ARE NON-PORTABLE
    RegDate: 2001-06-05
    Updated: 2002-08-08

    TechHandle: ZS44-ARIN
    TechName: IPAdmin-SBIS
    TechPhone: +1-800-648-1626
    TechEmail: IPAdmin-SBIS@sbis.sbc.com

    OrgAbuseHandle: ABUSE6-ARIN
    OrgAbuseName: Abuse - Southwestern Bell Internet
    OrgAbusePhone: +1-800-648-1626
    OrgAbuseEmail: abuse@sbcglobal.net

    OrgNOCHandle: SUPPO-ARIN
    OrgNOCName: Support - Southwestern Bell Internet Services
    OrgNOCPhone: +1-800-648-1626
    OrgNOCEmail: support@swbell.net

    OrgTechHandle: IPADM2-ARIN
    OrgTechName: IPAdmin-SBIS
    OrgTechPhone: +1-800-648-1626
    OrgTechEmail: IPAdmin-SBIS@sbis.sbc.com
     
