[ale] Apparently used in spam or virus distribution
Jason Etheridge
phasefx at magusaptus.com
Tue Aug 19 12:06:39 EDT 2003
Called W32.Sobig.F at mm. Don't know anything about it, but they forwarded
this at work:
W32.Sobig.F at mm E-Mail Routine Details: -
Subject:
========
Re: Details
Re: Approved
Re: Re: My details
Re: Thank you!
Re: That movie
Re: Wicked screensaver
Re: Your application
Thank you!
Your details
Body:
=====
See the attached file for details
Please see the attached file for details.
Attachment:
===========
application.zip (contains application.pif)
details.zip (contains details.pif)
document_9446.zip (contains document_9446.pif)
document_all.zip (contains document_all.pif)
movie0045.zip (contains movie0045.pif)
thank_you.zip (contains thank_you.pif)
your_details.zip (contains your_details.pif)
your_document.zip (contains your_document.pif)
wicked_scr.zip (contains wicked_scr.scr)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
On Tuesday, August 19, 2003, at 10:53 AM, John Mills wrote:
> ALErs -
>
> This morning I received two notices from UK recipients to the effect
> that
> mail from me contained suspect attachments, identified in one case as a
> PIF file.
>
> As I am not aware of sending any mail to these recipients and do not
> have
> copies of the suspect mail, I can't tell whether they represent a
> compromise of my Linux-2.4.20 system, the Pine newsreader, fetchmail,
> sendmail, or some other link of the chain.
>
> Any suggestions for learning if this is really my problem?
>
> Thanks.
> - John Mills
> john.m.mills at alum.mit.edu
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://www.ale.org/mailman/listinfo/ale
>
>
-- Jason
_______________________________________________
Ale mailing list
Ale at ale.org
http://www.ale.org/mailman/listinfo/ale
More information about the Ale
mailing list