Virus poses as Microsoft security patch [Archive]

View Full Version : Virus poses as Microsoft security patch

Snip3r

10-02-2002, 11:43 PM

http://www.nwfusion.com/news/2002/0930msvirus.html

By Matt Berger
IDG News Service, 09/30/02

A virus posing as a security patch from Microsoft is circulating on
the Internet, Microsoft confirmed Monday.

The virus is being distributed in a hoax e-mail that advertises a
patch for a series of vulnerabilities in Microsoft's Internet Explorer
Web browser and Outlook software. The authentic patch for those flaws
was actually released in February. Microsoft said that it has not
updated the patch and that the e-mail is in fact fraudulent.

The e-mail uses a Microsoft address and has the subject line "Internet Security Update." It tells users to immediately run an attached ".exe" file with the name q216309.exe, which a Microsoft spokeswoman
confirmed is a virus.

A similar hoax e-mail was distributed in March carrying the
W32.Gibe@mm worm, which installed a backdoor Trojan if opened that allowed remote access to a user's computer.

The company first saw the e-mail early Monday after being alerted by IDG News Service and could not comment on how widely it may have been distributed. Microsoft is urging users to not run the attachment and referred users to information on its Web site about other hoax -mail.
kk

Phoenix

10-02-2002, 11:47 PM

Damn Hazkers :o

Slice

10-02-2002, 11:54 PM

Speaking of viruses look at what I got today :twisted: Norton caught it thank god! Attatched to this message was the W32.Bugbear virus.

Status: U
Return-Path: <sid@verge.ie>
Received: from mail05.svc.cra.dublin.eircom.net ([159.134.118.21])
by robin (EarthLink SMTP Server) with SMTP id 17WGT876y3NZFjX0
for <rmoir@earthlink.net>; Wed, 2 Oct 2002 03:37:53 -0700 (PDT)
Received: (qmail 62425 messnum 415806 invoked from network[159.134.215.236/p492.as1.adl.dublin.eircom.net]); 2 Oct 2002 08:29:11 -0000
Received: from p492.as1.adl.dublin.eircom.net (HELO 8928cl930242) (159.134.215.236)
by mail05.svc.cra.dublin.eircom.net (qp 62425) with SMTP; 2 Oct 2002 08:29:11 -0000
From: sid <sid@verge.ie>
Subject: ** World Trade Center Tragedy **
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----------3O0IZP66GURHM1V"
Message-Id: <200210020337.17WGT876y3NZFjX0@robin>
Date: Wed, 2 Oct 2002 03:37:53 -0700 (PDT)

Dear Fellow Citizens of the World,

I am sure that the majority of you in other countries sympathize with our tragedy.

Most of us here in the U.S. are proud Americans who're horrified by yesterdays actions.

We the citizens make up the backbone of our "UNITED States" of America. Americans uni

OUTLAWS WHOCARES

10-03-2002, 12:31 AM

dude whats up with that.
Can you trace the sender?

Snip3r

10-03-2002, 02:07 AM

Ha, that's real funny Slice, the other day I got an e-mail from my uncle and he told me about the new BugBear Virus.I forget what it did but it is super destructive :twisted: I hope hackz0rz burn in hell!