Jump to content
Search In
  • More options...
Find results that contain...
Find results in...
Sign in to follow this  
Followers 0
Peter Heinemann

sorry_about_yesterday vir

By Peter Heinemann, in Doom General

Recommended Posts

Peter Heinemann   

Peter Heinemann
Posted

Well, (or should I say "Hell"?), half an hour ago I received an e-mail with only "RE:" in the subject line. That e-mail had no visible message content at all, but in the header I fould:

Content-Type: audio/x-wav;
name="Sorry_about_yesterday.MP3.pif"
Content-Transfer-Encoding: base64

I found out on the internet that it is a password stealing MTX virus, which sends itself trough Outlook Express.

Could any one tell me if it also infects computers running Macintosh OS or Unix Systems? Some pages say "Yes", some say "No".

What is your knowledge?

0

Share this post

Link to post

Peter Heinemann   

Peter Heinemann
Posted

Hmm, seems that I found a page discussing this:

"Computers which do not use Microsoft Windows (Macintosh, UNIX, etc) cannot be infected. If you have a Windows NT or 2000 system which has been properly secured the virus will not infect your system."

http://www.rice.edu/Computer/Computing/Virus/mtx.htm#Remove

If anyone thinks it could be dangerous for Linux and Mac users though, please reply :)

0

Share this post

Link to post

Doom_Dude   

Doom_Dude
Posted

I just deleted 4 of these emails with the "re:" in the subject line. All I can find about Sorry_about_yesterday.MP3.pif Is Right Here and is connected to something called a Badtrans internet worm.

0

Share this post

Link to post

Peter Heinemann   

Peter Heinemann
Posted

I just deleted 4 of these emails with the "re:" in the subject line. All I can find about Sorry_about_yesterday.MP3.pif Is Right Here and is connected to something called a Badtrans internet worm.


Thanks Dude, I just read that page and it says:

"Badtrans first surfaced in April. When executed, it drops a remote access Trojan, or RAT, into the user's Windows directory, which attempts to mail the victim's internet protocol (IP) address to the author."

Unix/Mac users do not have a "Windows directory", but I am not sure if the virus will be erased with the deletion of the e-mail. I read that it can live also in just any e-mail application.

0

Share this post

Link to post

Peter Heinemann   

Peter Heinemann
Posted

*.pif is simply a windows shortcut file, isn't it? Of course it can't do anything on Mac/Unix


Hmm, I just thought ,it could work from within the e-mail programm and submit passwords present in the cache.

0

Share this post

Link to post
Guest
This topic is now closed to further replies.
Sign in to follow this  
Followers 0
Go To Topic Listing Doom General
×