BlkKnight

Unknown payload - hidden in .zip
My ISP's A/V didn't see it eithor.

Details:

Attached file:
Article Photos.zip
contains file:
Photo & Article.exe - shows PDF logo

E-mail:

From: TotalBusiness [mailto:jamie.andrews@tradersworld.com]
Sent: 31 January 2006 23:09
To:
Subject: Requesting Photo Approval


Hello,

Your photograph has reached editing stage as part of an article we are
publishing for our February edition of Traders World Monthly. Can you check
over the format and get back to us with your approval or any changes?
If the picture is not to your liking then please send a preferred one. We've
attached the photo with the article here.

Kind regards,

Jamie Andrews
Editor
TradersWorld


***************************************
The Professional Brokers Essential
***************************************

BlkKnight

AVG tomorrow will be updated to detect:

Trojan Horse Backdoor.Breplibot.T

GarethE

iTrader: (1)

I had that this afternoon - is the virus hidden within the zip file, or the .exe that is shown when the file is unzipped ?

It nearly caught me out as it supposedly came from the Editor, Guardian.com, and as a photographer who occasionally works for the Guardian it seem real.
It was only knowing that the Guardian is .co.uk and on unzipping the file to it showed an .exe file, I realised and deleted it, without opening the file.

Anybody know what the virus can do, and does it affect Mac OSX Tiger ?

Cheers

Gareth

OllyK

http://news.zdnet.co.uk/internet/sec...9236720,00.htm

BlkKnight

it's a backdoor IRCbot - which uses the sony rootkit to infect (as above states)

The unknowing (or those who don't have full file names on) might open it as the "image" of the file is displayed as adobe's PDF icon.

JackClark

http://vil.nai.com/vil/content/v_133091.htm

McAfee users, if you updated in the last six months you're safe. OSX users, no need to worry.

joni

I had this one which was stopped by McAfee this afternoon.

corradoboy

So far, OS X has had no virus' whatsoever. There is a malware rumoured to be about, but to be infected by it you would have to be pretty dumb as it pretty much has to be fully installed whilst connected to a network (do a Google for "opener" for full details). Isn't it possible to prevent virus infection on PC by simply logging in under an admin user only for the essential installs and using a limited account with no authority to install for all daily tasks Read this recently Apologies if I'm wrong as I'm a Mac geek and hate Micro$h!te with a passion

sarasquares

iTrader: (1)

ive got AVG free edition what do i need to do?

FlightMan

Praying would be a good start!

Daz34

Just goes to prove that there is no such thing as a good free av solution.

sarasquares

iTrader: (1)

funny.......not

will zone alarm get it

Daz34

If you have just got the free Firewall then no....It's a firewall

It you have paid for one of their packages containing the antivirus solution then yes it will stop it.

sarasquares

iTrader: (1)

i paid for spysweeper

OllyK

Well done, now you just need some decent Anti Virus Software to compliment your firewall and spyware protection and you should be reasonably safe - assuming you keep it all up to date etc.

ChrisB

Unplug your computer from the wall and never turn it on again. That way you won't get a virus and the ScoobyNet mod's will have a much quieter life

sarasquares

iTrader: (1)

you know i like to do things the hard way