The Virus/Hoax info alert thread !!

[mari62]

I've opened this thread to keep us informed about important and serious virus and hoax alerts and to give tips on how to protect our PCs from them.

 

Please feel free to add everything you think could be useful for us to know.

 

------------------------------------------------------------------------------------

 

As many of us have accounts on Facebook and Myspace I thought I should share these articles with you:

 

1) Koobface computer virus attacks Facebook users

Koobface is spread through messages sent from friends whose computers are infected with the virus. The messages arrive in Facebook inboxes with titles like "you look just awesome in this new movie" and direct readers to another Web site to supposedly watch the clip.[/i] (such as Youtube)

 

After clicking to visit the site, users are shown a message that tells them they need an updated Adobe Systems Flash player. But downloading the software infects the victim's computer with the virus.

 

Here's the whole article:http://www.sfgate.com/cgi-bin/article.cgi?f=/c/a/2008/12/06/BU0R14IR63.DTL

 

And here's a similar one on the same subject :http://blog.wired.com/business/2008/12/koobface-virus.html

 

2) Facebook 'infiltrated by Nigerian fraudsters'

 

Fraudsters send messages to the compromised user's friends claiming they are in trouble overseas and asking them for cash.Online security experts have warned that cyber criminals are using more sophisticated methods – including social networks – as web users wise up to traditional email frauds.......

 

To read the whole article you can go here: http://www.telegraph.co.uk/scienceandtechnology/technology/technologynews/3438012/Facebook-infiltrated-by-Nigerian-fraudsters.html

 

--------------

Edited January 28, 2009 by mari62
added intro

[Gracekelly85]

THANK YOU MARINA!!!!

[Lena]

Thanks you Mari for the information! For some reason I always forget, that there is a danger.

[robertina]

today i googled for Rondor Publishing, the agency that sent mika the baloons...well, i've found rondor.net and it looked the right one, organization of events and such...well....DO NOT CLICK THERE!

 

a virus was ready to hit me!!! but my uber super antivirus blocked it.

and of course i was smart enough not to accept odd installations.........

 

mika...have you heard, my dear?

[Gracekelly85]

today i googled for Rondor Publishing, the agency that sent mika the baloons...well, i've found rondor.net and it looked the right one, organization of events and such...well....DO NOT CLICK THERE!

 

a virus was ready to hit me!!! but my uber super antivirus blocked it.

and of course i was smart enough not to accept odd installations.........

 

mika...have you heard, my dear?

 

I've just read this in the italian thread!

[ruxi]

thanks for letting us now.

i normally don't install stuff on my pc just like that...but it's good to know

[Marianne84]

today i googled for Rondor Publishing, the agency that sent mika the baloons...well, i've found rondor.net and it looked the right one, organization of events and such...well....DO NOT CLICK THERE!

 

a virus was ready to hit me!!! but my uber super antivirus blocked it.

and of course i was smart enough not to accept odd installations.........

 

mika...have you heard, my dear?

 

 

Doh! Mika you're putting us in danger by giving names like that. Of course we are curious. I never install anything I'm not sure of though.

[sparkly1]

I think something like this tried to catch ME out 3 times on MSN cos 3 of my contacts who have not spoken to me for a ages and ages opened up a convo with me but it was just a link telling me to go on it and look at something or other, can't remember what but I remembered NEVER to click random links without asking the "contact" what they are for first.

[dj-olaa]

Phone-ix thanks.

[Christine]

today i googled for Rondor Publishing, the agency that sent mika the baloons...well, i've found rondor.net and it looked the right one, organization of events and such...well....DO NOT CLICK THERE!

 

Oh Robi, you should have asked. I used to work for their record company so I could have filled you in.

[wasabi_tea]

The messages arrive in Facebook inboxes with titles like "you look just awesome in this new movie"

 

Ooh, I've had a few messages like that, I think... just as well I always just roll my eyes and delete them without even reading them, haha!

[mari62]

I think something like this tried to catch ME out 3 times on MSN cos 3 of my contacts who have not spoken to me for a ages and ages opened up a convo with me but it was just a link telling me to go on it and look at something or other, can't remember what but I remembered NEVER to click random links without asking the "contact" what they are for first.

Yeah, you're right: have heard about some virus on MSN as well

And found this right now: (chain letter)

 

http://www.sophos.com/security/hoaxes/MSN.html

[mari62]

Conficker (aka Downup, Downadup and Kido) is a computer worm that surfaced in October 2008 that targets the Microsoft Windows operating system.[1] The worm exploits a known vulnerability in the Windows Server service used by Windows 2000, Windows XP, Windows Vista, Windows Server 2003 and Windows Server 2008.[2]

 

http://en.wikipedia.org/wiki/Conficker

-----------

 

 

Protecting Against the Rampant Conficker Worm

Erik Larkin, PC World

Jan 16, 2009 11:31 pm

 

Businesses worldwide are under attack from a highly infectious computer worm that has infected almost 9 million PCs, according to antivirus company F-Secure.

 

That number has more than tripled over the last four days alone, says F-Secure, leaping from 2.4 million to 8.9 million infected PCs. Once a machine is infected, the worm can download and install additional malware from attacker-controlled Web sites, according to the company. Since that could mean anything from a password stealer to remote control software, a Conflicker-infected PC is essentially under the complete control of the attackers.

 

 

According to the Internet Storm Center, which tracks virus infections and Internet attacks, Conficker can spread in three ways.

 

First, it attacks a vulnerability in the Microsoft Server service. Computers without the October patch can be remotely attacked and taken over.

 

Second, Conficker can attempt to guess or 'brute force' Administrator passwords used by local networks and spread through network shares.

 

And third, the worm infects removable devices and network shares with an autorun file that executes as soon as a USB drive or other infected device is connected to a victim PC.

 

 

Conficker and other worms are typically of most concern to businesses that don't regularly update the desktops and servers in their networks. Once one computer in a network is infected, it often has ready access to other vulnerable computers in that network and can spread rapidly.

 

Home computers, on the other hand, are usually protected by a firewall and are less at risk. However, a home network can suffer as well. For example, a laptop might pick up the worm from a company network and launch attacks at home.

 

The most critical and obvious protection is to make sure the Microsoft patch is applied. Network administrators can also use a blocklist provided by F-Secure to try and stop the worm's attempts to connect to Web sites.

 

And finally, you can disable Autorun so that a PC won't suffer automatic attack from an infected USB drive or other removable media when it's connected. The Internet Storm Center links to one method for doing so at http://nick.brown.free.fr/blog/2007/10/memory-stick-worms.html, but the instructions involve changing the Windows registry and should only be attempted by adminstrators or tech experts. Comments under those instructions also list other potential methods for disabling autorun.

 

 

http://www.pcworld.com/article/157876/protecting_against_the_rampant_conficker_worm.html

[happikali]

Thanks for posting Marina !!

[DarkLight]

a friend of mine sent me an email warning me about a new virus

 

this is the email as she sent it

 

READ AND HEED !!!!!!!!!

 

 

 

 

TWO SUBJECT LINES TO BEWARE OF :

 

 

 

 

 

 

Just verified this with Snopes and it is REAL. ALSO WENT TO TRUTH OR FICTION, IT'S on their site also.

 

 

 

PLEASE INFORM EVERYONE you know!

 

 

 

 

 

Emails with pictures of Osama Bin-Laden hanged are being sent and the moment that you open these emails your computer will crash and you will not be able to fix it!

 

 

 

 

1.) If you get an e-mail along the lines of 'Osama Bin Laden Captured' or 'Osama Hanged' , don't open the Attachment!!!!

 

 

 

 

 

 

 

 

 

This e-mail is being distributed through countries around the globe, but mainly in the US and Israel .

 

 

 

 

 

Be considerate & send this warning to whomever you know..

 

 

 

 

 

PLEASE FORWARD THIS WARNING AMONG FRIENDS, FAMILY AND CONTACTS:

 

 

 

 

2.) You should be alert during the next few days:

Do not open any message with an attached file called 'Invitation' regardless of who sent it.

 

 

 

 

 

It is a virus that opens an Olympic Torch which 'burns' the whole hard disc C of your computer!!!!

 

 

 

 

 

This virus will be received from someone who has your e-mail address in his/her contact list, that is why you should send this E-Mail to all your contacts.

 

 

 

 

 

It is better to receive this message 25 times than to receive the virus and open it.

 

 

 

If you receive e-mail called 'invitation', though sent by a friend. Do not open it!!! Shut down your computer immediately!!!!

 

 

 

 

 

This is the worst virus announced by CNN, it has been classified by Microsoft as the most destructive virus ever.

 

 

This virus was discovered by McAfee yesterday, and there is no repair yet for this kind of virus.

 

 

 

 

 

This virus simply destroys the Zero Sector of the Hard Disc, where the vital information is kept.

 

 

 

SEND THIS E-MAIL TO EVERYONE YOU KNOW!!!!!!

Edited January 28, 2009 by DarkLight
typo

[englishrose]

a friend of mine sent me an email warning me about a new virus

 

 

That one went around a couple of years ago. I don't think it's anything to worry about, but it can't hurt to be safe.

[happikali]

That one went around a couple of years ago. I don't think it's anything to worry about, but it can't hurt to be safe.

Agree !! I also got it then ... :rolls_eyes: ... Better to be safe than sorry ....

[mari62]

Thanks for posting Marina !!

You're veeery welcome Happikali !! Its my pleasure!

yeah... exactly!

[Lolliepop_girl]

OMG thanks for the tip!

 

Not that anyone sends me stuff on FB

[mari62]

OMG thanks for the tip!

 

Not that anyone sends me stuff on FB

My pleasure Khayla

[Blue Sky]

I find a good way to check if things (messages about viruses and saving people from cancer etc) are true is to look at www.snopes.com

[mari62]

BS the link doesn't work for me

[mari62]

a friend of mine sent me an email warning me about a new virus

 

this is the email as she sent it

 

 

 

Emails with pictures of Osama Bin-Laden hanged are being sent and the moment that you open these emails your computer will crash and you will not be able to fix it!

 

 

1.) If you get an e-mail along the lines of 'Osama Bin Laden Captured' or 'Osama Hanged' , don't open the Attachment!!!!

 

 

 

That one went around a couple of years ago. I don't think it's anything to worry about, but it can't hurt to be safe.

T4P Chantelle!

 

Yeah, you're right ER, its a very old email... still going around

 

Made a little research and found out it really contains a virus

 

<<Occhio all'e-mail che annuncia la cattura di Bin Laden, contiene un virus 6.6.05

BBC NEWS

 

Fake Bin Laden e-mail hides virus: "Users are being warned not to open junk e-mail messages claiming Osama Bin Laden has been captured. The messages claim to contain pictures of the al-Qaeda leader's arrest but anyone opening the attachment will fall victim to a Microsoft Windows virus... Anyone opening the attachments or visiting the website will get a version of the Psyme trojan installed on their PC.

 

The vulnerability exploited by Psyme is found in Windows 2000, 95, 98, ME, NT, XP and Windows Server 2003. Users were urged to update their version of Windows to close the loophole. This latest virus is the third to use the name of the al-Qaeda leader to trick people into opening it.

 

In July last year an e-mail began circulating that claimed to link to a website holding a video of Bin Laden's suicide. Another virus circulating in November 2004 posed as a video message from the al-Qaeda leader. "

 

Altre info da The Register:

 

"The bogus emails attempt to seed infection of a new downloader Trojan, Small-AXR, contained in a pics.scr file within a zip attachment of the fraudulent messages.">>

source: http://attivissimo.blogspot.com/2005/06/occhio-alle-mail-che-annuncia-la.html

[mari62]

2.) You should be alert during the next few days:

Do not open any message with an attached file called 'Invitation' regardless of who sent it.

 

 

 

It is a virus that opens an Olympic Torch which 'burns' the whole hard disc C of your computer!!!!

 

 

 

 

This virus will be received from someone who has your e-mail address in his/her contact list, that is why you should send this E-Mail to all your contacts.

 

 

 

If you receive e-mail called 'invitation', though sent by a friend. Do not open it!!! Shut down your computer immediately!!!!

 

 

 

 

 

This is the worst virus announced by CNN, it has been classified by Microsoft as the most destructive virus ever.

 

 

This virus was discovered by McAfee yesterday, and there is no repair yet for this kind of virus.

 

 

 

 

 

This virus simply destroys the Zero Sector of the Hard Disc, where the vital information is kept.

 

 

SEND THIS E-MAIL TO EVERYONE YOU KNOW!!!!!!

On the contrary N° 2 seems to be false

 

<<Olympic Torch Invitation Virus Hoax

 

Summary:

Message claims that an email with an attached file called "Invitation" contains a virus that will open an Olympic Torch that destroys the computer's hard drive (Full commentary below.)

 

 

 

Status:

False

 

Update:

A new version of the hoax email falsely claims that the information in the message has been verified by Hoax-Slayer.com and Snopes.com (details below).

 

Update:

February 2008 - Yet another version claims that an email with an attachment entitled "POSTCARD" will destroy the hard drive of the infected computer. (Read an article about the Postcard Image Virus Hoax)

 

Example: (Submitted, February 2006)

WARNING

 

You should be alert during the next days: Do not open any message with an attached filed called "Invitation" regardless of who sent it. It is a virus that opens an Olympic Torch which "burns" the whole hard disc C of your computer. This virus will be received from someone who has your e-mail address in his/her contact list, that is why you should send this e-mail to all your contacts. It is better to receive this message 25 times than to receive the virus and open it.

 

If you receive a mail called "invitation", though sent by a friend, do not open it and shut down your computer immediately.

 

This is the worst virus announced by CNN, it has been classified by Microsoft as the most destructive virus ever. This virus was discovered by McAfee yesterday, and there is no repair yet for this kind of virus. This virus simply destroys the Zero Sector of the Hard Disc, where the vital information is kept. SEND THIS E-MAIL TO EVERYONE YOU KNOW, COPY THIS E-MAIL AND SEND IT TO YOUR FRIENDS AND REMEMBER: IF YOU SEND IT TO THEM, YOU WILL BENEFIT ALL OF US>>

 

 

 

Source: http://www.hoax-slayer.com/olympic-torch-virus-hoax.html

 

 

<<Postcard Image Virus Hoax

 

Summary:

Warning message claims that an email with an attachment entitled "POSTCARD" will destroy the hard drive of the infected computer and has been classified as the most destructive virus ever (Full commentary below).

 

 

Status:

Warning is a hoax but is causing confusion because it includes a link to information about a genuine but totally unrelated virus.

(Please read full commentary below for details)

 

Example: (Submitted, November 2008)

Subject: FW: Warning. Big virus coming. Read email.

 

VERY IMPORTANT - BIG VIRUS COMING !!! PLEASE READ & FORWARD !!!

 

http://www.snopes.com/computer/virus/postcard.asp -

(Snopes lists all the names it could come in. )

 

Hi All,

 

I checked with Norton Anti-Virus, and they are gearing up for this virus! I checked Snopes (URL above:), and it is for real!!

 

Get this E-mail message sent around to your contacts ASAP.

 

PLEASE FORWARD THIS WARNING AMONG FRIENDS, FAMILY AND CONTACTS!

 

You should be alert during the next few days.

Do not open any message with an attachment entitled 'POSTCARD FROM HALLMARK,'

regardless of who sent it to you.

 

It is a virus which opens A POSTCARD IMAGE - it 'burns' the entire hard disc C.

This virus will be received from someone who has your e-mail address in their contact list. This is the reason why you must send this e-mail to all your contacts. It is better to receive this message multiple times than to receive the virus and open it.

If you receive mail called' POSTCARD,' even though sent to you by a friend, do not open it! Shut down your computer immediately.

 

This virus has been classified by Microsoft as extremely destructive.

 

McAfee discovered this virus yesterday.

 

This virus destroys the Zero Sector of the Hard Disc, where the vital information is kept.

 

COPY THIS BCC E-MAIL TO YOUR FRIENDS.

 

REMEMBER: IF YOU SEND IT ON, YOU WILL BENEFIT ALL OF US >>

 

 

source: http://www.hoax-slayer.com/postcard-virus-hoax.shtml

[mari62]

I find a good way to check if things (messages about viruses and saving people from cancer etc) are true is to look at www.snopes.com

 

BS the link doesn't work for me

Think I've found out the link you wanted to post - it should be this one http://www.snopes.com/computer/virus/virus.asp

 

Very useful! Thanks BS!!