eWorld.UI - Matt Hawley

Ramblings of Matt

It's a Scary Day.

January 27, 2004 01:02 by matthaw
Why is it a scary day? Well, I just got an email with an attachment. So? What's your point... well, a few things:

1. The email was from someone I didn't know, no biggie I get these all the time for support.
2. No subject. Well, this isn't always a problem, since I know some users just don't know that the cursor starts at the subject line 99% of the time.
3. The email said "test". Huh, now that's a bugger, I guess it worked?
4. There was an attached file, a zipped one - wow someone sent me pictures?

Well, if you haven't figured it out yet, I've finally seen something I've been dreading for the longest time, a zipped-up virus attached to an email. Why is this so important, though... it can pass through almost all server-based virus scanners scanning emails as they come across. So, as I quickly alerted my employer (which then sent out a company-wide email stating roughly the same thing), I wanted to alert the community as well. Be alarmed if you receive an email from someone you don't know that has a zipped attachment... especially if the attachment contains a .pif file.

UPDATE: CNet is reporting this virus now, be warned! (story)



January 27. 2004 03:56

I got one of these today... it contained a binary .exe renamed to 'message.exe'. Don't know what the payload was, it was deleted right away.



January 27. 2004 05:59

Many server-based virus scanners can handle zip files, e.g. Symantec. You often have to install the zip software, so it can understand the archives, but AFAIR, pk204g.exe will work fine, otherwise download WinZip.


January 27. 2004 14:06

15+ mails of these for me just today.

Eventual ruling - block all emails with zip files.


January 27. 2004 18:20

True, most virus scanners do scan zip files, however, when the files contained are not infected themselves, they can continue on.  In this instance, the file in the zip file was the virus executable, and was not infected with it.

Matt Hawley
