To LUGNET HomepageTo LUGNET News HomepageTo LUGNET Guide Homepage
 Help on Searching
 
Post new message to lugnet.admin.generalOpen lugnet.admin.general in your NNTP NewsreaderTo LUGNET News Traffic PageSign In (Members)
 Administrative / General / 10908
10907  |  10909
Subject: 
 Follow-up: Virus spam from Kim Brodie targetting LUGNET members?
Newsgroups: 
 lugnet.admin.general
Date: 
 Fri, 11 Apr 2003 15:22:42 GMT
Viewed: 
 382 times
  
Heya y'all,

I've been digging back through my spam trap folder in Outlook, and have come
up with the following conclusions:

1.  I'm looking at at least two different spam virus attacks.  Both are
using open relays in traditional spam style, but:

...Type #1 is obscuring the To: header and seems to prefer open relays
hosted by rr.com (mostly in the American southeast), claims to be from
Microsoft, and has HTML content in the body.

...Type #2 is the Kim Brodie message.  I've been getting slightly more of
these than type #1.  It has an unobscured (and crowded) To: header, plain
text message body, and uses open relays from all over including Canada,
Australia, Germany, and England.  Both types carry the same virus.

2.  There is no Kim Brodie.  I've also received near-identical emails from
"Screamin Rachel", "Joerg Kuppels", "David Senzig", "Wayne Faulkner", and
"Gino".  Gino's was the first, starting in mid-March.  (First appearance of
type #1 came the next day.)  The weird part is, the To: headers aren't
identical, though all targets appear to be LUGNET regulars.  Also, in
several cases, the spamblocks weren't removed from email addresses, so I am
no longer certain the list is hand-assembled.

Here's a funny bit - some of the messages have a sig block (1) claiming to
be Virus Free, certified by by AVG.  Before, I thought these banners were
annoying.  Now that I've received several infected emails with them, it's
worth at least a chuckle.  I have to wonder if the AV vendors realize just
how silly their ad is.

Cheers,
- jsproat

1. *copy-and-pastage*
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.449 / Virus Database: 251 - Release Date: 1/27/03



Message is in Reply To:
  Virus spam from Kim Brodie targetting LUGNET members?
 
Heya y'all, I don't know if this is old news or not, but a LUGNET search on "brodie" turned up 0 results. OTOH, it seems there was some discussion about 2 weeks back about a virus email hitting .space and .castle users... Anyway, for about a month (...) (22 years ago, 9-Apr-03, to lugnet.admin.general, lugnet.general)

15 Messages in This Thread:








Entire Thread on One Page:
Nested:  All | Brief | Compact | Dots
Linear:  All | Brief | Compact
    
Custom Search

©2005 LUGNET. All rights reserved. - hosted by steinbruch.info GbR