The Firing Line Forums

Go Back   The Firing Line Forums > Forum Support > Site Questions and Tech Support (NO FIREARMS QUESTIONS)

Reply
 
Thread Tools Search this Thread
Old October 7, 2001, 06:07 AM   #1
Hal
Senior Member
 
Join Date: October 9, 1998
Location: Ohio USA
Posts: 7,951
Public service---virus threats (computer)

FWIW, and form your own opinion as to the relation to the WTC attack. I believe that at the very least, the several very nasty strains of mal-code are intentional forms of piling on. (lest any forget, Taliban means "students")

IMPORTANT DISCLAIMER I understand this borders on SPAM because of the commercial references contained in the text. I do not work for, nor do I sell Trend products. I do fully recommend them though. It has been my experience that they are effective without being overly intrusive.




Quote:
V I R U S R E P O R T

(by the Trend Micro US Virus Research Group)
************************************************************************
------------------------------------------------------------------------
Date: October 5, 2001
------------------------------------------------------------------------

<SNIP of commercial content>
A fake email message claiming to come from SecurityFocus' ARIS system
and Trend Micro is being used to send a backdoor program disguised as Trend Micro's NIMDA fix tool, called FIX_NIMDA.EXE. This backdoor program creates
two Trojan files, TROJ_BIONET318.A and TROJ_HUKKEY.A. It also shares an I
nfected system's local drives C:\ through Z:\, which it hides with a dollar sign. These messages do not come from Security Focus or Trend Micro. Trend
Micro does not send emails with executable attachments, unless specifically requested to do so by individual customers.

This Trojan uses TROJ_HUKKEY.A to steal passwords and send emails. TROJ_BIONET318.A is a backdoor program that allows a remote hacker access to an infected system. It is also responsible for logging all keystrokes from the keyboard and for saving these keystrokes in a file.

This Trojan has been classified as low risk.

Trend Micro's authentic NIMDA fix tool, FIX_NIMDA.com, may be downloaded from the Web site at www.antivirus.com/vinfo/security/nimda_form/

For additional information about TROJ_JESTRO.A, please visit Trend Micro at:
http://www.antivirus.com/vinfo/virus...TROJ_JESTRO.A.

TROJ_JESTRO.A is detected by Trend Micro pattern file #148 or #948.

3. 10 Most Prevalent In-The-Wild Malware Surveyed by Trend Micro US
(week of: September 24, 2001 to September 30, 2001)
------------------------------------------------------------------------
1. TROJ_SIRCAM.A
2. PE_MAGISTR.DAM
3. PE_NIMDA.A
4. VBS_HAPTIME.A
5. PE_MAGISTR.B
6. TROJ_BADTRANS.A
7. JS_NIMDA.A
8. TROJ_BLKSTONE.A
9. TROJ_NEWPIC.A
10. PE_MAGISTR.A

SPECIAL OFFER:
<SNIP of commercial content>

4. Top 10 Viruses Trend Micro's US Customers are Most Concerned About
(where systems were not infected)
------------------------------------------------------------------------
1. TROJ_VOTE.A
2. TROJ_SIRCAM.A
3. PE_MAGISTR.DAM
4. VBS_HAPTIME.A
5. PE_MAGISTR.A
6. JS_KAKWORM.A
7. TROJ_NEWPIC.A
8. TROJ_NAVIDAD.E
9. TROJ_HYBRIS.B
10. PE_NIMDA.A

5. Test Your Virus Knowledge & Scan Your Computer FREE!
<SNIP of commercial content>
Original content can be obtained at www.antivirus.com
Hal is offline  
Reply

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -5. The time now is 05:13 AM.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2017, vBulletin Solutions, Inc.
This site and contents, including all posts, Copyright © 1998-2017 S.W.A.T. Magazine
Copyright Complaints: Please direct DMCA Takedown Notices to the registered agent: thefiringline.com
Contact Us
Page generated in 0.05354 seconds with 10 queries