NIEGPINI.EXE infected with Win-CIH virus!
The attachment NIEGPINI.EXE from Sender: owner-cypherpunks@EINSTEIN.ssz.com (didn't someone just say SSZ is open relay?) is infected with the Win-CIH virus (hope you had anti-virus software). Win-CIH is particularly nasty in that you don't have to run an infected .EXE to catch it. Browsing a folder in windows explorer will look inside the infected .EXE for an icon to display, which is enough to start the viral code. Full Outlook (no experience with Express) calls up such icons (barf!) List members should be aware of this new attack on the CDR. The infected program is also in both archives. Do they want to know or have they abdicated responsibility for the contents of the archives? Anonymous Whistleblower. [Forwarded message]
On Thu, Mar 01, 2001 at 05:38:02AM -0800, A. Melon wrote:
The attachment NIEGPINI.EXE from Sender: owner-cypherpunks@EINSTEIN.ssz.com (didn't someone just say SSZ is open relay?) is infected with the Win-CIH virus (hope you had anti-virus software).
SSZ's being an open relay doesn't have anything to do with people sending virii through it. All CDRs, except the one at lne.com, accept and re-post mail from anyone, on the cypherpunks list or not. That's not an open relay, which is a mailer that allows third-party mail- i.e. joe spammer @ aol sends mail to ssz which then forwards it to the spammer's targets. That said, even if all the CDRs only accepted posts from subscribers ("closed" list), the list would be subject to virii-- Exchange seems to be the email virus writer's target of choice (opportunity?) these days, and too many people use Exchange, probably because their corporate IT depts force them to.
List members should be aware of this new attack on the CDR.
What makes you think that the virus was specifically an attack on the CDR? -- Eric Murray Consulting Security Architect SecureDesign LLC http://www.securedesignllc.com PGP keyid:E03F65E5
participants (2)
-
A. Melon -
Eric Murray