Film-Tech Cinema Systems
Film-Tech Forum ARCHIVE


  

 
This topic comprises 2 pages: 1  2 
 
Author Topic: Deluge of Worm-laden E-Mail
Bobby Henderson
"Ask me about Trajan."

Posts: 10973
From: Lawton, OK, USA
Registered: Apr 2001


 - posted 09-20-2003 11:52 AM
In the last two days, my e-mail boxes for work and at home (particularly my home DSL account) have been filled with a lot of worm-infected e-mails. [Mad]

For the past few months I've changed my e-mail answering habits to using remote, web-based methods instead of apps like Outlook Express, which ignorantly try to read every note automatically and allow malicious code to launch.

Late Thursday, Friday and this Saturday morning, there's just been a ton of these infected notes coming into the mail boxes. My SBC/Yahoo DSL account conveniently throws a lot of these notes into my "Bulk" junk mail folder. I just hit the empty button on it and the Trash folder and most of the malicious notes are gone. Still, some come into the main e-mail box too. The volume of infected notes seems to be increasing too. Just this morning, my personal e-mail folder had 5 infected notes in it. The bulk folder had 54!

Nearly all of these notes had file attachments roughly 143k in size. There were a few featuring 14k or 16k (obviously bearing harmful scripts). They all have those subject lines "Latest Network Patch," "Internet Security Patch" etc. with the sender being "MS Corporation" or "Microsoft Customer Service" or "Yahoo Customer Service." There are many other variations on it.

Obviously many of these notes have to be coming from infected computers, whose users were ignorant enough to read the note to see what was attached. I use the word "ignorant" to describe these users since harmful e-mails have been bearing the "Microsoft Customer Support, Latest Security Patch" title for over a year now.

Anyway, I'm kind of surprised CNN and other press people aren't short-stroking this latest rash of e-mail virus/worm problems. The more maddening thing is law enforcement authorities continuing not to take this stuff seriously at all. If I go and torch the store front of a business, I'll get slapped with a felony conviction, massive fines and a healthy amount of jail time. Do a similar amount of monetary damage against a company via computer, and I'll get treated like a member of a country club. As I said before in another related post, I don't think law enforcement people and the Department of Justice will care much about this garbage until it kills someone.

Oh, it also scares me quite a bit to hear that many banks are looking to move their ATM systems to Windows server products by 2005. [uhoh] With the way Microsoft cares about security, your money will be safer under a bed mattress.


Paul Linfesty
Phenomenal Film Handler

Posts: 1383
From: Bakersfield, CA, USA
Registered: Nov 1999


 - posted 09-20-2003 12:15 PM
In the past two days I've received HUNDREDS of these from (allegedly) Microsoft. I never opened the attachments (I became suspicious due to a misspelling on the first one I received), but it is causing me major headaches. My only reader is OUTLOOK, and I haven't found a "block sender" in this program. Is there one? Is it safe to route these things to the junk folder? My virus detector has done a good job with notifications, but it still is taking a lot of my time.


Jack Ondracek
Film God

Posts: 2348
From: Port Orchard, WA, USA
Registered: Oct 2002


 - posted 09-20-2003 01:02 PM
Dump Outlook...

Install Eudora...

Problem fixed.


Mark Lensenmayer
Phenomenal Film Handler

Posts: 1605
From: Upper Arlington, OH
Registered: Sep 1999


 - posted 09-20-2003 01:22 PM
Road Runner (Time/Warner Cable) is my ISP, and they use a very effective spam/virus filter. I haven't gotten a single worm in months.

While we're throwing the virus writers in jail, how about some of those Microsoft programmers who left the holes open for the virus writers to come through. These bugs should not exist, and expecting businesses to patch thousands of machines every week or so just doesn't work.

These things are going to drive more and more people to Linux and other operating systems.


Bobby Henderson
"Ask me about Trajan."

Posts: 10973
From: Lawton, OK, USA
Registered: Apr 2001


 - posted 09-20-2003 04:47 PM
I got another 40 or so of these 143Kb sized files this afternoon. I'm thankful I am on DSL and able to just view my e-mail account from a web-page. 40 notes times 143K is a lot of data to download. I feel sorry for those who are on dial-up having to deal with this shit.

quote:
Dump Outlook...Install Eudora...Problem fixed.

Not really. As long as you use a Windows-based PC you are at risk.

One can rig recent editions of Outlook Express to not allow any attachments to be opened or saved that may contain malicious code. That solves most of the problems. However, some variants of the Sven worm don't even show up as an attachment, just a big e-mail with a lot of binary code contained within it.

Another thing to do is disabling automatic downloading from Windows Update. Some hackers will break into a user's machine and make it appear like Windows update is ready to install a new patch. When the user hits OK his machine is infected. Sure, it is more trouble to have to go to a website to manually download program updates. But it is far safer.

Actually this might be an area where Apple might want to do some marketing to sell more hardware. People are keeping their old PCs and building up "home networks". Using MacOSX, it is relatively easy to have both Macs and PCs running on the same network and sharing files (provided your applications are cross-platform compatible). To get to the point, if you have a Mac running for your Internet access point you will not be prone to the computer break-ins and malicious e-mail problems currently plaguing Windows.

If the Department of Justice had any balls at all they would have broken Microsoft up into two companies with one running the OS end of things and the other selling web browsers and office productivity apps. The problem in Windows is how it grafts parts of IE, Outlook and MS Office into the OS kernel itself. This is the source of all the security problems. But Microsoft will never fix this completely because they use it as a tool to keep competing software developers held to a disadvantage.


Greg Mueller
Phenomenal Film Handler

Posts: 1687
From: Port Gamble, WA
Registered: Jun 99


 - posted 09-20-2003 05:20 PM
I use a program called "Mail Washer". It lets you "look" at your mailbox before you download your mail. You have the option of deleting, bouncing, or doing nothing to the mail that is there. If you do nothing you can then download it with your regular mail program. I like bouncing spam. It might not do any good but I sure feel better when I do it.


Adam Martin
I'm not even gonna point out the irony.

Posts: 3686
From: Dallas, TX
Registered: Nov 2000


 - posted 09-20-2003 05:45 PM
This is the Dumaru mass-mailing worm.


Joe Redifer
You need a beating today

Posts: 12859
From: Denver, Colorado
Registered: May 99


 - posted 09-20-2003 05:57 PM
Outlook Express doesn't HAVE to try to open each e-mail. You can turn the preview pane off, then just delete what you know is obviously BS. Just be sure to go into the Deleted Items folder and delete it again (with Outlook you have to delete everything twice), but be sure to never double click on a message you don't want to read.


Bobby Henderson
"Ask me about Trajan."

Posts: 10973
From: Lawton, OK, USA
Registered: Apr 2001


 - posted 09-20-2003 08:23 PM
The web-based mail program SBC/Yahoo offers to its customers works similar to other spam-filtering e-mail software. Much of the junk mail is placed in separate folders. And you can see the subject lines, sender name and attachment type/size before opening anything. So that's basically what I have been using to preview all my e-mail lately. I delete all the worm-laden filth and spam. Then I'll open Outlook Express to answer the tiny amount of legit e-mail I get.

Oh yeah, as of this evening my swbell.net e-mail box received close to 200 copies of worm infected mail. I have to empty my trash folder every time I check the mail. Every six hours or so, the 25MB of e-mail account space I have gets between 10% and 15% filled all because of these worms. I think the various servers linked together on the Internet should just automatically delete this shit before it gets anywhere. Some ISPs are doing this already, but not enough.


Ken Layton
Phenomenal Film Handler

Posts: 1452
From: Olympia, Wash. USA
Registered: Sep 1999


 - posted 09-20-2003 09:57 PM
I got 76 of these stupid things in my inbox in only a 6 hour period yesterday! [Mad]


Paul G. Thompson
The Weenie Man

Posts: 4718
From: Mount Vernon WA USA
Registered: Nov 2000


 - posted 09-21-2003 01:53 AM
That's really odd. I have had absolutely no problem with virus programs and worms delivered to any of my AOL screen names or my email addresses from hotmail.com. I have no choice but to use dial-up since we are still in the stone ages.

Any explanations? I have none....


Bobby Henderson
"Ask me about Trajan."

Posts: 10973
From: Lawton, OK, USA
Registered: Apr 2001


 - posted 09-21-2003 02:24 AM
Paul, it might very well be because you are on a dial-up connection. My default connection at work is a slow dial-up point and I get next to nothing in terms of virus-infected e-mail and hacker attack/break-in attempts there. The only guess I have is the virus senders have some kind of way of telling who has faster broadband access against those who still live in "the dark ages."

Criminals are very impatient bastards (who need to be tied down to a BNSF railroad track and run over by a 1,000,000 ton unit train hauling coal down from Colorado --no fate is perversely severe enough for hacking scum, may they die of bleeding ass cancer and vomit blood out their nose and --bwahaahhhahhh! Anyway, you get the point on what low regard I hold hacking scum.)


Leo Enticknap
Film God

Posts: 7474
From: Loma Linda, CA
Registered: Jul 2000


 - posted 09-21-2003 09:34 AM
I do like Eudora from a security point of view, mainly because of its 'Disable executable HTML in message body' feature. This will allow graphics formatting commands to be executed but nothing else. But I agree that it won't, in itself, make your PC secure.

I use a four-stage security procedure: pre-vetting messages on the POP3 server using Mailwasher, then screening them again using Norton as they download, viewing them using Eudora and using Zone Alarm as a firewall. So far I haven't been infected with anything nasty since the occasion nearly three years ago when I clicked on an attachment and launched MTX. After the amount of damage that did I've been hyper-paranoid about viruses and worms ever since.

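Added example, not part of any post in this thread and not the code of Mailwasher or any other product named here: a header-only triage pass of the kind the pre-vetting step above relies on, scoring messages on the traits posters describe (vendor display names, patch-themed subjects, executable attachments). The extension list, verdict labels and sample messages are assumptions made up for the illustration.

```python
from email import message_from_string
from email.message import EmailMessage
from email.utils import parseaddr

# Traits quoted in the posts above; the extension list is an assumption.
VENDOR_NAMES = ("microsoft", "ms corporation", "yahoo")
VENDOR_DOMAINS = ("microsoft.com", "yahoo.com")
RISKY_EXTENSIONS = (".exe", ".scr", ".pif", ".bat", ".com")

def triage(raw):
    """Return the reasons a raw message resembles the fake-patch lure."""
    msg = message_from_string(raw)
    reasons = []
    name, addr = parseaddr(msg.get("From", ""))
    domain = addr.rpartition("@")[2].lower()
    claims_vendor = any(v in name.lower() for v in VENDOR_NAMES)
    # From is trivially forged, so a vendor domain is never proof of origin;
    # only the mismatch is treated as a signal.
    from_vendor = any(domain == d or domain.endswith("." + d)
                      for d in VENDOR_DOMAINS)
    if claims_vendor and not from_vendor:
        reasons.append("vendor display name on an unrelated domain")
    if "patch" in msg.get("Subject", "").lower():
        reasons.append("patch-themed subject")
    for part in msg.walk():
        filename = (part.get_filename() or "").lower()
        if filename.endswith(RISKY_EXTENSIONS):
            reasons.append("executable attachment: " + filename)
    return reasons

def verdict(raw):
    """Quarantine on any executable attachment, review on softer signals."""
    reasons = triage(raw)
    if any(r.startswith("executable attachment") for r in reasons):
        return "quarantine"
    return "review" if reasons else "deliver"

def build_sample(sender, subject, attachment=None):
    """Build a constructed test message; none of these are real mail."""
    msg = EmailMessage()
    msg["From"], msg["To"], msg["Subject"] = sender, "user@example.net", subject
    msg.set_content("See attached.")
    if attachment:
        msg.add_attachment(b"\x00" * 64, maintype="application",
                           subtype="octet-stream", filename=attachment)
    return msg.as_string()

LURE = build_sample("MS Corporation <a1b2@example.org>",
                    "Latest Network Patch", "patch.exe")
NEWSLETTER = build_sample("Alice <alice@example.com>",
                          "Patch notes for the booth PC")
NORMAL = build_sample("Alice <alice@example.com>", "Show schedule",
                      "schedule.pdf")

if __name__ == "__main__":
    for label, raw in (("lure", LURE), ("newsletter", NEWSLETTER),
                       ("normal", NORMAL)):
        print(label, verdict(raw), triage(raw))
```
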

William H. Ward
Film Handler

Posts: 27
From: San Antonio, Texas
Registered: Jul 2003


 - posted 09-21-2003 03:42 PM
[Mad] Well I'm one of the dummies I guess. Thursday I had upgraded my security issues from Microsoft and Friday I received Email from them stating I needed to install the attached patch to complete my upgrade. Well, it looked official enough and I did it. BAM!!! I had the swen32 bug. It kills your antivirus software, reg/scan and other registry utilities. It then attacks your mail box and sends thousands of messages all over the world doing the same thing. I have been receiving about 400/hour replies notifying me the messages contain a virus emanating from my mail address. Reply if you need to know how to rid your computer of this virus. I would like to get a hold of him as he would really have no balls left by the time I got through with him..... [evil] If he were to read this email, this is to him [fu] [fu]


Bobby Henderson
"Ask me about Trajan."

Posts: 10973
From: Lawton, OK, USA
Registered: Apr 2001


 - posted 09-21-2003 05:19 PM
This is one shred of hope in all this. Many servers keep very detailed logs of who pings through. It is getting more difficult for criminals to anonymize (or "spoof") their headers in the malicious apps they launch. That, and the combination of a number of different security tools, such as S.A.T.A.N., can identify the source of cracking attacks. So, there is a decent shot the originator of Sven32 will eventually be tracked down. My hope is the scumbag will be found to reside in a developed nation with extradition treaties and legal agreements. If that is the case, then there is hope the criminal(s) will get some kind of punishment.

Here's the fair punishment for hackers. Anyone who develops and launches a harmful virus or worm should be subject to several charges carrying automatic federal level felony penalties, such as breaking and entering, invasion of privacy, conspiracy to commit corporate or government espionage, conspiracy to commit identity theft, conspiracy to commit wire fraud, etc. Each of these counts gets multiplied for each computer infected. If I had my way, these scumbags could potentially go to jail for the rest of their lives.

To add to this, these criminals should be subject to various civil penalties. I would definitely make it so users of infected computers could bring a class-action suit against the hacker on civil rights violations, and that's on top of the physical damage the hacker did to the user's computer data.

Some might cringe at the severity of punishment I demand. But consider everything from hospital computers to traffic control systems are being converted to run on Microsoft's faulty software. These hackers are eventually going to get someone killed with their dungeons and dragons fantasy jerk off sci-fi geek-fest bullshit. To hear fans of 2600.com talk, they think hacking is some altruistic way of getting back at the establishment or some left-wing cartoony bullcrap like that. The only people they hurt are small business employees and home computer users. They hurt little people not big wigs.

To put it another way, if I go and torch the front of a business I am going to go to jail for arson and be punished pretty severely for the physical damage I did to that business. The Department of Justice doesn't seem to realize that damage to computer systems affects business in the same harmful way, costing them lots of money. It's just that a hacker can, with one keystroke, do the monetary damage equal to torching thousands of store fronts. The fucker needs to go to prison forever and be poor forever for doing that shit.

Oh, and I almost forgot, Microsoft really ought to be sued dearly for their neglect of the Windows operating system. The company, by their own choice, has rigged Windows where they can leverage functions of MS Office, Outlook Express, Internet Explorer and a growing number of other MS-branded apps to function better by being grafted (or rather "Frankensteined") into the Win32 kernel. Their monopolistic moves have created much of this security nightmare. They have helped put the computers of millions at risk just for never-ending corporate expansion and greed. So I think it would be perfectly fair for a class-action suit to be brought against MS for this nonsense.

[ 09-22-2003, 05:27 PM: Message edited by: Bobby Henderson ]




All times are Central (GMT -6:00)

© 1999-2020 Film-Tech Cinema Systems, LLC. All rights reserved.