To All:
If you receive a message shown below, DO NOT OPEN the attached
zipped_files.exe file:
--------------------------------------------------------------
Hi <your name> !
I received your email and I shall send you a reply ASAP.
Till then, take a look at the attached zipped docs.
bye.
<<zipped_files.exe>>
--------------------------------------------------------------
Many Corporations are already dealing with a new variant of the
autospam TROJ_EXPLOREZIP worm: TROJ_EXPZIPWMPAK.
Some machines on the IBIS reflector e-mail lists may have
already been infected.
When you send any e-mail through the IBIS reflectors or directly,
you may get the above response sent directly back to you. DO NOT
OPEN the attached zipped_files.exe file. Below is part of an
explaination sent out on my site:
> After a user clicks on the attachment, this destructive trojan
> searches hard drives C: through Z:, selecting the Microsoft Word,
> Excel and PowerPoint files as well as source code files used by
> programmers including C++, C, and Assembler source files and
> reduces their file size to zero, making the data unrecoverable.
> When executed, TROJ_EXPZIPWMPAK utilizes MAPI enabled email
> systems, to automatically reply to any subsequently received
> email messages. The email reply will include the infected
> attachment with the message shown above. It will use the
> subject line of the received email when it replies.
>
> "TROJ_EXPLOREZIP caused millions of dollars of damage worldwide
> the first time since it overwrites files, instead of just deleting
> them, it's particularly damaging.
Bob Ross
Mentor Graphics
Received on Wed Dec 1 10:57:26 1999
This archive was generated by hypermail 2.1.8 : Fri Jun 03 2011 - 09:53:46 PDT