Virus Warnings (especially badtrans)
John Chambers
jc at trillian.mit.edu
Fri Nov 30 14:48:18 EST 2001
Jerry Feldman warned:
| Some of you on this forum use Windows.
| Lately, the W32.BADTRANS worm has been infecting a lot of systems. Discuss just received a
| couple of these within the past hour. Fortunately, the from address is prepended with an
| underscore (eg. gaf at blu.org becomes _gaf at blu.org) so mailman will block the postings. This is
| just a ward of cauthion for those unfortunate enough to be running Windows and even worse,
| Outlook Express.
| http://www.symantec.com/avcenter/venc/data/w32.badtrans.b@mm.html
| http://www.datafellows.com/v-descs/badtrs_b.shtml
The Symantec description is interesting. It sounds a lot like a form
(or prototype) of the Magic Lantern virus that has got so much
attention lately. In particular, it installs keylogging software and
looks for likely passwords in active windows. If it finds them, it
sends them off to some innocuous-looking email addresses at places
like yahoo.com and excite.com.
Symantec is one of the companies that has been reported to be talking
to the FBI about making antivirus software ignore Magic Lantern.
More information about the Discuss
mailing list