Free Republic
Browse · Search
News/Activism
Topics · Post Article

Skip to comments.

Gullible Users Spreading 'Mydoom' Worm
Fox News ^ | January 28, 2004 | AP

Posted on 01/28/2004 11:26:22 AM PST by yonif

Edited on 04/22/2004 12:38:55 AM PDT by Jim Robinson. [history]

The continued spread of a cleverly engineered computer virus exposes a key flaw in the global embrace of technology: Its users are human.

Posing as a legitimate computer error message, the worm successfully tricked e-mail recipients into spreading it to friends, co-workers and business associates.


(Excerpt) Read more at foxnews.com ...


TOPICS: Crime/Corruption; Culture/Society; Extended News; News/Current Events
KEYWORDS: computers; internet; worm
Navigation: use the links below to view more comments.
first 1-2021-34 next last

1 posted on 01/28/2004 11:26:23 AM PST by yonif
[ Post Reply | Private Reply | View Replies]

To: yonif
One of the unnoticed problems with these viruses, but one that affects me quite strongly is the spoofing of the From: address.

I run a web-based retail business. It's a small one, but I have a lot of customers. Most of those customers have my email address in their Outlook address book.

So, if one of these customers gets infected, viruses go out with my email address spoofed into the sender's line. That's when the fun starts.

Since most people don't understand spoofing, I get emails complaining that I sent out a virus. It happens so often that I have a boilerplate response I send out, explaining the whole spoofing thing.

I have a notice on every index page on my site also, explaining how this nonsense works and that I will never send anyone an email with any attachment...period.

Still, not everyone who gets a spoofed virus message seeming to be from me is a customer....most are others in the customer's address book.

I don't know how much this all costs me in lost business...there's no way to track it.
2 posted on 01/28/2004 11:31:34 AM PST by MineralMan
[ Post Reply | Private Reply | To 1 | View Replies]

To: yonif
If these morons would just keep their systems patched and updated we wouldn't have these problems.

We were all patched up at work within an hour of the announcement, and at home... well, I've evolved to Linux so it's not an issue for me except to the extent that lazy users are slowing the net down for me.
3 posted on 01/28/2004 11:33:07 AM PST by Gerasimov ( <a href="http://www.michaelmoore.com" target="_blank">miserable failure)
[ Post Reply | Private Reply | To 1 | View Replies]

To: yonif
As millions of Mac and Linux users sit back in comfort, as those running Mozilla on Windows who are not stupid enough to open an attachment clearly labeled "xxx.scr" I feel sorry for those millions of old Outlook users where they get run automatically.

I remember a time working in computer security when I could confidently say "It is impossible to get a virus just by opening an email." Microsoft changed all that. Thanks.

4 posted on 01/28/2004 11:35:52 AM PST by antiRepublicrat
[ Post Reply | Private Reply | To 1 | View Replies]

To: yonif
This worm has tricked quite a few of my wife's clients. Her business addy has been getting hammered by infected messages. The technobabble come-on lines are very clever.
5 posted on 01/28/2004 11:40:08 AM PST by Redcloak (Cat: The other white meat.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: yonif
I got two emails this morning with an attachment. Deleted 'em both. Was a little bit PO-ed that Norton didn't pick it up. The emails had different sender addresses but both had a 22.6 kilobyte attachment.
6 posted on 01/28/2004 11:45:35 AM PST by Prodigal Son
[ Post Reply | Private Reply | To 1 | View Replies]

To: MineralMan
I can commiserate with you. Though I don't have a web based business, this is the very reason that I keep the important parts of my business out of the computer. I once gave my e-mail address to my female relations. It was a disaster. They sent me every virus and chain letter that was on the net. The security of e-mail and the invention of a way to screen out this evil, will make some programmer(s) a lot of money. If its not hacked.
7 posted on 01/28/2004 11:45:37 AM PST by elbucko
[ Post Reply | Private Reply | To 2 | View Replies]

To: MineralMan
Spoofing return addresses should be illegal; in fact I believe it is now. The first internet provider that figures out a way not to forward email wih false return addresses will win a lot of new customers. Most of the false address used in spam are completely bogus and lead nowhere.
8 posted on 01/28/2004 11:46:55 AM PST by js1138
[ Post Reply | Private Reply | To 2 | View Replies]

To: Gerasimov
If these morons would just keep their systems patched and updated we wouldn't have these problems.

The funny thing is, they're not all morons. Take doctors for example. Many doctors could transplant your heart successfully into someone else's chest but would open this attachment. It doesn't mean they're a moron- demonstrably they're not. It just means they don't have knowledge that you view as 'common knowledge' but they would view as a 'specialty' because they haven't had time to aquire it.

I would imagine there are a lot of very smart people out there who open these types of attachments. It's not because they're morons, it's just because computing and 'updating one's patches' has not become as ubiquitous as many heavy computer users would like to imagine.

9 posted on 01/28/2004 11:50:43 AM PST by Prodigal Son
[ Post Reply | Private Reply | To 3 | View Replies]

To: js1138
"Spoofing return addresses should be illegal; in fact I believe it is now. The first internet provider that figures out a way not to forward email wih false return addresses will win a lot of new customers. Most of the false address used in spam are completely bogus and lead nowhere.

"

Spoofing used in spam is illegal. Creating and spreading viruses is illegal, too. The problem I'm addressing is the one where a virus takes names out of the infected person's address book and spoofs them into the sender field before sending the virus out.

I've even gotten viruses with my email address in both the From: and To: fields, typical of this nonsense. I have no viruses on my computer and never will.
10 posted on 01/28/2004 11:51:20 AM PST by MineralMan
[ Post Reply | Private Reply | To 8 | View Replies]

To: yonif
One disturbing note is the attack on SCO. I don't mind attacking SCO, but it indicates this is being done by Linux users. It's going to give them a worse name. Many non-Linux users already consider them to be the Moonies of the computer world. Now, they will be considered the terrorists of the computer world.
11 posted on 01/28/2004 11:52:08 AM PST by Poser
[ Post Reply | Private Reply | To 1 | View Replies]

To: js1138
The first internet provider that figures out a way not to forward email wih false return addresses will win a lot of new customers.

AOL is testing this now, kind of a reverse DNS lookup for email servers. The problem with any improvement will be that the clients need to be upgraded, and that's not going to happen very quickly. As it is, there are still millions of people out there with the older Outlook that will automatically run these viruses.

12 posted on 01/28/2004 11:54:02 AM PST by antiRepublicrat
[ Post Reply | Private Reply | To 8 | View Replies]

To: All
Most of these links are courtesy Martin Fierro:

Alternative browsers:
http://www.mozilla.org/
http://www.opera.com/

Free anti-viral protection:
http://www.grisoft.com/us/us_dwnl_free.php

Popup ad killers:
http://www.bayden.com/popper/

Close that friggin' Messenger in Windows XP:
http://grc.com/stm/ShootTheMessenger.htm

Spyware removers:
http://www.safer-networking.org/index.php?lang=en&page=download
http://www.lavasoftusa.com/
http://www.wilderssecurity.net/spywareblaster.html

Good for pre-screening & bouncing SPAM:
http://mailwasher.net/

Script Defender ( stop that nonsense from running unwelcome scripts ):
http://www.analogx.com/welcome.htm

Online virus scans:
http://housecall.antivirus.com/housecall/start_corp.asp
Trend Micro

http://www.rav.ro/scan/indexie.php
RAV

http://www.bitdefender.com/scan/license.php
Bit Defender
13 posted on 01/28/2004 11:54:15 AM PST by backhoe (--30--)
[ Post Reply | Private Reply | To 11 | View Replies]

To: MineralMan
I'm glad to hear you never will. I've cleaned up lots of computers, but never seen a virus on a computer where ordinary precautions were taken. Nearly all the recent worms would have been stopped it people simply installed security updates within a month of their release.
14 posted on 01/28/2004 11:55:21 AM PST by js1138
[ Post Reply | Private Reply | To 10 | View Replies]

To: yonif
Yep it sucks..I keep getting the "Tech Support Son-in-law" phone calls...

I had a solution to my computer setup...My drives are in caddies, my wife has one for herself, then if her machine gets messed up it doesn't affect me because my HDD is not installed at the time of infection. That way I only have one machine to deal with...

Later

MD
15 posted on 01/28/2004 11:59:38 AM PST by MD_Willington_1976
[ Post Reply | Private Reply | To 1 | View Replies]

To: antiRepublicrat
I believe that most spam and most viruses could be stopped by internet providers. Everything that goes through Hotmail goes through McAfee antivirus. Unfortunate, Hotmail is virtually unusable due to spam.
16 posted on 01/28/2004 12:00:09 PM PST by js1138
[ Post Reply | Private Reply | To 12 | View Replies]

To: antiRepublicrat
I remember a time working in computer security when I could confidently say "It is impossible to get a virus just by opening an email." Microsoft changed all that. Thanks.

Me too brother.

I'd also like to point out that just calling it a "virus" is extremely misleading. It is a "Windows/Outlook virus". I would be suprised if the virus would work against someone using Mozilla/Thunderbird or Eudora for their email client.

17 posted on 01/28/2004 12:06:35 PM PST by zeugma (The Great Experiment is over.)
[ Post Reply | Private Reply | To 4 | View Replies]

To: zeugma
I would be suprised if the virus would work against someone using Mozilla/Thunderbird or Eudora for their email client.

I've received a bunch on Mozilla, and they just show up as attachments with a .scr extension. I haven't tried running one so I can't say what happens, although my antivirus would probably catch it.

18 posted on 01/28/2004 12:16:56 PM PST by antiRepublicrat
[ Post Reply | Private Reply | To 17 | View Replies]

To: yonif
I wonder what it takes to disable the feature to run executables from an email program?

For the jacka**es at Microshi* it takes another 100 years and the destruction of the entire Internet.

Osama, please come and save us from Bill Gates of Hell!
19 posted on 01/28/2004 12:29:58 PM PST by observer5
[ Post Reply | Private Reply | To 1 | View Replies]

To: zeugma
I would be suprised if the virus would work against someone using Mozilla/Thunderbird or Eudora for their email client.

Nearly every virus out there targets Outlook so users of any other mail client are pretty safe. As long as your client doesn't automatically open attachments with the message there's not too much risk. I use Netscape at home, Notes at work and have never had a virus problem.

20 posted on 01/28/2004 12:49:08 PM PST by Squawk 8888 (Earth first! We can mine the other planets later.)
[ Post Reply | Private Reply | To 17 | View Replies]


Navigation: use the links below to view more comments.
first 1-2021-34 next last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson