South Africa Info Forums
Virus warning - Printable Version

+- South Africa Info Forums (https://globalbuzz-sa.com/forums)
+-- Forum: Your Resources (https://globalbuzz-sa.com/forums/Forum-Your-Resources)
+--- Forum: Your Computers, Gadgets and Software (https://globalbuzz-sa.com/forums/Forum-Your-Computers-Gadgets-and-Software)
+--- Thread: Virus warning (/Thread-Virus-warning)



Virus warning - oe-la-la - 14-07-2005

Please find below information on a new virus -



Remember do not open emails from unknown sources
do not run attatchments for unknown contacts
inform your local IT immediately of any infections or alerts - do not email
freinds and co workers of virus email.
Viruses need to be contained not passed !!!!! :bashpc:
Virus exploits London Tube bombs
Train at Aldgate station, Metropolitan Police

Bombs went off on three London Underground tube trains

Virus writers are using the London bombings to spread malicious programs.

A Windows virus has been created that claims to link to amateur video
footage of the aftermath of one of the bombs on the London Underground.

Anyone following the link in the e-mail will have their computer infected
by
a program that puts it under the remote control of the virus creator.

The virus tries to look more legitimate by posing as a newsletter from US
news organisation CNN.

Video grab

The virus is travelling in an e-mail which bears the subject line: "TERROR
HITS LONDON" and comes from a spoofed e-mail address.

The body of the message tells those receiving it to click on the attached
file which claims to show amateur video footage shot in the London
Underground immediately after one of the bombs went off.

A file called "London terror moovie.avi" is attached to the malicious
e-mail. Hidden after a long series of blank spaces is the real title of the
file that is attached.

An attempt has been made to make this look harmless by giving it the name:
"Checked by Norton Antivirus.exe".

Anyone clicking on the file will not be shown a video. Instead their PC
will
be infected by the as yet un-named Trojan.

Next time the compromised machine is started, it will report in to the
virus
creator and become part of a spam-sending zombie network.

Because it relies on people clicking on the attachment, the malicious
program can affect Windows 2000, 95, 98, Me, NT, XP and Windows Server
2003.


Although the program is not widely distributed, security companies asked
people to be vigilant and update their anti-virus software regularly.