Thread: virus warning
Hi Recently I receive massive mail attack. This attack comes from some postgresql mailing list users. All send-to adresses are taken from users mailboxes which contain postgresql posts. Currently I found two kinds of viruses: 1. Empty post with "Undelivered message to..." body 2. Microsoft "Dear Customer... " based on www.microsoft.com design. Both mails contains some .exe attachement. Regards, Tomasz Myrta
On Friday 19 September 2003 07:17, Tomasz Myrta wrote: > Hi > Recently I receive massive mail attack. This attack comes from some > postgresql mailing list users. All send-to adresses are taken from users > mailboxes which contain postgresql posts. Currently I found two kinds of > viruses: > 1. Empty post with "Undelivered message to..." body > 2. Microsoft "Dear Customer... " based on www.microsoft.com design. > Both mails contains some .exe attachement. I've been getting something similar myself. Roughly 100 per day. -- Richard Huxton Archonet Ltd
On 19/09/2003 07:17 Tomasz Myrta wrote: > Hi > Recently I receive massive mail attack. This attack comes from some > postgresql mailing list users. All send-to adresses are taken from users > mailboxes which contain postgresql posts. Currently I found two kinds of > viruses: > 1. Empty post with "Undelivered message to..." body > 2. Microsoft "Dear Customer... " based on www.microsoft.com design. > Both mails contains some .exe attachement. > > Regards, > Tomasz Myrta So far I've had nearly 150 of these in the last 12 hours or so. Somebody on these lists has a lot of explaining to do! Fortunately my spam filters are up to scratch and I run Linux :) Others may not be so lucky. -- Paul Thomas +------------------------------+---------------------------------------------+ | Thomas Micro Systems Limited | Software Solutions for the Smaller Business | | Computer Consultants | http://www.thomas-micro-systems-ltd.co.uk | +------------------------------+---------------------------------------------+
> So far I've had nearly 150 of these in the last 12 hours or so. Somebody > on these lists has a lot of explaining to do! Fortunately my spam > filters are up to scratch and I run Linux :) Others may not be so lucky. Currently I've found 45 different Return-Path values in these posts and it's growing :-( Regards, Tomasz Myrta
The world rejoiced as dev@archonet.com (Richard Huxton) wrote: > I've been getting something similar myself. Roughly 100 per day. Only 100, eh? I have been seeing that many per hour, give or take... -- "aa454","@","freenet.carleton.ca" http://cbbrowne.com/info/x.html People can be set wondering by loading obscure personal patchable systems, and sending bug reports. Who would not stop and wonder upon seeing "Experimental TD80-TAPE 1.17, MegaDeath 2.5..."? The same for provocatively-named functions and variables in stack traces. -- from the Symbolics Guidelines for Sending Mail
Hi, Yeah me too - about 150 so far today. I was thinking it's from my Debian mailing lists not PostgreSQL. Strange people these stoooopid virus spammers. Good luck with it all. Regards Rudi.
> The world rejoiced as dev@archonet.com (Richard Huxton) wrote: > >>I've been getting something similar myself. Roughly 100 per day. > > > Only 100, eh? I have been seeing that many per hour, give or take... If it will help someone, I found that The Microsoft Virus is called "Swen" or "Gibe". It attacks (as usual) Internet Explorer without proper patches. Regards, Tomasz Myrta
On Fri, 19 Sep 2003, Paul Thomas wrote: > > On 19/09/2003 07:17 Tomasz Myrta wrote: > > Hi > > Recently I receive massive mail attack. This attack comes from some > > postgresql mailing list users. All send-to adresses are taken from users > > mailboxes which contain postgresql posts. Currently I found two kinds of > > viruses: > > 1. Empty post with "Undelivered message to..." body > > 2. Microsoft "Dear Customer... " based on www.microsoft.com design. > > Both mails contains some .exe attachement. > > > > Regards, > > Tomasz Myrta > > So far I've had nearly 150 of these in the last 12 hours or so. Somebody > on these lists has a lot of explaining to do! Fortunately my spam filters > are up to scratch and I run Linux :) Others may not be so lucky. Keep in mind, if you check the headers on the emails you'll see that they are forged. I've been getting about 20 emails a day telling me a message I know I didn't send was infected with a virus. I got 432 last night inbound, some with names forged from this list, others from names unknown. But I don't think it's not the folks on this list, I think it's a windows worm that looks in people's email, harvests names at random, and forged email based on it.
On 19/09/2003 16:37 scott.marlowe wrote: > > Keep in mind, if you check the headers on the emails you'll see that they > > are forged. I've been getting about 20 emails a day telling me a message > > I know I didn't send was infected with a virus. > > I got 432 last night inbound, some with names forged from this list, > others from names unknown. > > But I don't think it's not the folks on this list, I think it's a > windows worm that looks in people's email, harvests names at random, and > forged email based on it. Does seem to be. Just download another 200+. Mildly anoying for me with a DSL line. I really feel for those on dial-up :( -- Paul Thomas +------------------------------+---------------------------------------------+ | Thomas Micro Systems Limited | Software Solutions for the Smaller Business | | Computer Consultants | http://www.thomas-micro-systems-ltd.co.uk | +------------------------------+---------------------------------------------+
Thank god that I use Pine. Yasir On Fri, 19 Sep 2003, Paul Thomas wrote: > Date: Fri, 19 Sep 2003 23:14:54 +0100 > From: Paul Thomas <paul@tmsl.demon.co.uk> > To: "pgsql-sql @ postgresql . org" <pgsql-sql@postgresql.org> > Subject: Re: [SQL] virus warning > > On 19/09/2003 16:37 scott.marlowe wrote: > > > > Keep in mind, if you check the headers on the emails you'll see that they > > > > are forged. I've been getting about 20 emails a day telling me a message > > > > I know I didn't send was infected with a virus. > > > > I got 432 last night inbound, some with names forged from this list, > > others from names unknown. > > > > But I don't think it's not the folks on this list, I think it's a > > windows worm that looks in people's email, harvests names at random, and > > forged email based on it. > > Does seem to be. Just download another 200+. Mildly anoying for me with a > DSL line. I really feel for those on dial-up :( > > -- > Paul Thomas > +------------------------------+---------------------------------------------+ > | Thomas Micro Systems Limited | Software Solutions for the Smaller > Business | > | Computer Consultants | > http://www.thomas-micro-systems-ltd.co.uk | > +------------------------------+---------------------------------------------+ > > ---------------------------(end of broadcast)--------------------------- > TIP 8: explain analyze is your friend >