OK guys. The regular virus alerts that we see all the time p!ss me off, but I know first hand this one is for real.

Today we received a very similar virus to the LoveBug. Needless to say, we now know our exchange server is capable of sending 578 e-mails in 30 seconds.

The message arrives with homepage as the subject heading.

The text within the message simply says check out my cool homepage ;O).

The attached file was homepage.HTML.vbs

The curious turkeys at work actually clicked and hey presto - floods of e-mails.

Keep a close eye on this one. You're bound to get it.

The message originated from someone at the following domain

 

Yup - we got this today too

Fortunately, spied, seen, apprehended and removed automatically by AV software Got paged as well

Had pleasure in deleting permanently later



Had another similar strain/different name as well today - I'm going to get the pager turned of, it's bugging me

 

Puff.

Two questions......

a) Have you got that front spoiler yet

b) Do you recall who the virus came from?

Cheers
Data

 

1) It's on it's way

2) Not at the moment as I am at home, on the beer & I deleted it hours ago! 1 virus definately came from an address with koolart in it, but I think that one was entitled "sales".

 

<BLOCKQUOTE><font size="1" face="Verdana, Arial">quote:<HR>The message originated from someone at the following domain

 

Puff.

What software are you running?

Ta
Kurt

 

Dr Solomans or whatever it is nowadays - NAI Anti-Virus Suite - 2 year deal.

I have it polling constantly (well often ) for dat updates (leased line) & it integrates nicely with all aspects of our set-up

Added to this is my own draconian hold over the network & what users can/cannot do

Going to bed now, but drop me an email if you want a call about it...

 

PS - My company doesn't sell AV software - we're a courier company

 

<BLOCKQUOTE><font size="1" face="Verdana, Arial">quote:<HR>Added to this is my own draconian hold over the network & what users can/cannot do <HR></BLOCKQUOTE>

Puff, you need to change your name to Puff the B O F H!

 

We've just had it. So guess what I've been doing all morning.

And I've found out our server can send 600 e-mails........Not bad for a little Dell.

Also Symantec have got downloads for this Virus.

 

trapped 4 hits from this virus this a.m. on our gateway server.

thanx once again to MailMarshal (plug, plug), for saving the day -

 

<BLOCKQUOTE><font size="1" face="Verdana, Arial">quote:<HR>Originally posted by Puff The Magic Wagon!:
<B>PS - My company doesn't sell AV software - we're a courier company [/quote]

But for a price, you'll deliver it......

 

I do have shares in the company!

Glad to hear that our Generic detection worked for some of you, expect to see it in action again at a later date.

Some advice for all, block .vbs files at the gateway.

 

You might also want to have a look at

 

We had at work today some 161 messages with it attached, but luckily it never got through!!

Nath

 

<BLOCKQUOTE><font size="1" face="Verdana, Arial">quote:<HR>Originally posted by Dave T-S:
<B> But for a price, you'll deliver it......

[/quote]

& a very competitive price too

 

thanks for the warning, i just got this in my hotmail account, it went straight in the bin!