Skip to comments.
Internet Worm Disguised as E-Mail from Microsoft
Reuters ^
| 19 May 2003
Posted on 05/19/2003 11:44:33 AM PDT by Hal1950
SAN FRANCISCO (Reuters) - A new computer worm that disguises itself as an e-mail from Microsoft Corp. MSFT.O is spreading, computer security firms warned on Monday.
The e-mail containing the worm, dubbed Palyh or Mankx, appears to come from support@microsoft.com, but is not from the software company.
When the attachment is opened, the worm copies itself to the Windows folder, scoops up e-mail addresses from the hard disk and starts sending itself out, said U.K-based Sophos.
The malicious program can spread itself to other Windows machines on a local area network, anti-virus vendors said.
It also can secretly install spyware programs on infected computers that could eavesdrop on the computer user, according to Moscow-based Kaspersky Labs.
The worm is programmed to expire automatically on May 30, according to Symantec Corp.
It began spreading on Saturday and has apparently infected computers in 69 countries, according to MessageLabs.
A Microsoft spokesman said the company never sends out unsolicited mass e-mails with attachments.
TOPICS: Breaking News; Business/Economy; Crime/Corruption; Culture/Society; News/Current Events
KEYWORDS: internetworm; mankx; microsoft; palyh
Navigation: use the links below to view more comments.
first 1-20, 21-33 next last
1
posted on
05/19/2003 11:44:33 AM PDT
by
Hal1950
To: Hal1950
It doesn't say whether this is aimed at a susceptibility in Outlook Express. Many of these worms & viruses are designed that way, which is a good reason to use a different email client.
To: Hal1950
If you get what looks like a Microsoft e-mail with an attachment you know its not from them. Redmond updates Windows on its website. I pity the ignorant fools who should know better.
3
posted on
05/19/2003 11:53:18 AM PDT
by
goldstategop
( In Memory Of A Dearly Beloved Friend Who Lives On In My Heart Forever)
To: Hal1950
I got one of these this morning. Our firewall stripped the attachment, though.
4
posted on
05/19/2003 11:58:26 AM PDT
by
mbynack
To: mbynack
I also recieved it w/out attachment, then a follow-up from ISP (Time Warner Road Runner) saying they had stripped it.
5
posted on
05/19/2003 12:12:59 PM PDT
by
KayEyeDoubleDee
(const vector<tags>& oldTags)
To: goldstategop
I got this today, and deleted it, as I do all messages supposedly from Microsoft. It's silliness to do anything else.
Comment #7 Removed by Moderator
To: Hal1950
A new computer worm that disguises itself as an e-mail from Microsoft If they ever design one that disguises itself as a thread on FreeRepublic, I'm gonna be in deep doodoo.
To: mbynack
Good for me the Redneck Virus had a huge bug in it which kept it from spreading far. When I got it, I deleted all the files on my hard disk, but that wiped out my mailing list so I had no one to forward it to.
9
posted on
05/19/2003 12:46:17 PM PDT
by
KarlInOhio
(Paranoia is when you realize that tin foil hats just focus the mind control beams.)
To: John Beresford Tipton
10
posted on
05/19/2003 12:57:00 PM PDT
by
Calpernia
(The person who removes a mountain begins by carrying away small stones.)
To: John Beresford Tipton
They're all designed for Microsoft OE. 60 to 90% of all home users us Outlook Express, which is fast, convenient, and comes with just about every Windows-based computer you buy today.
11
posted on
05/19/2003 1:09:13 PM PDT
by
rs79bm
(The difference between Los Angeles and yogurt is that yogurt comes with less fruit ... R. Limbaugh)
looks like it is trying to come through as a .pif file
12
posted on
05/19/2003 1:12:12 PM PDT
by
tarawa
To: Hal1950
I got it today, immediately knew it was bogus..
ALSO got this... supposedly from PAYPAL:
PayPal
Please verify your information today!
Dear Paypal Member.
Your account has been randomly flagged in our system as a part of our routine security measures. This is a must to ensure that only you have access and use of your paypal account and to ensure a safe Paypal experience. We require all flagged accounts to verify their information on file with us. To verify your information, click here and enter the details requested. After you verify your information, your account shall be returned to good standing and you will continue to have full use of your account.
Thank you for using PayPal!
Please do not reply to this e-mail. Mail sent to this address cannot be answered.
THIS is NOT from Paypal, if you get it, call them.
To: tarawa
Yep, its a .pif file. Just got it through my
www.0cents.com site. Probably some Bush Hater sent it as my site is getting bombarded with requests for the "Character Counts" image!
My McAfee Virus scan stopped it.
14
posted on
05/19/2003 1:20:00 PM PDT
by
Seeking the truth
(I'm going on the FRN Cruise - How about you? - Details at www.Freerepublic.net)
To: Merovingian
I used to receive that type of fraudulent email all the time when I was an AOL subscriber.
I have found that these frauds inevitably give themselves away through the use of poor grammar, spelling errors, or unusual syntax.
In the message you received, nothing leaps out. However, I would suggest that a large corporation such as Paypal would not use a term like "flagged" in corresponding with a mass audience.
Similarly, I think it is very unlikely they would write that the account "shall" be returned to good standing.
Unfortunately , I'm sure these frauds manage to dupe a number of people.
To: Merovingian
Oh, you got that one too? Mine came last week. It looked really legit, but I knew Paypal doesn't handle business that way, so I'm sure I was a disappointment to the scammers.
16
posted on
05/19/2003 1:33:10 PM PDT
by
MizSterious
(Support whirled peas!)
To: governsleastgovernsbest
And I just received this email:
Dear Ebay Customer,
This email is to inform you of a recent update we made to our systems, To avoid service Interruption we require that you confirm your account as soon as possible.
Please take a moment to confirm your account by going to the following address:
"http://www.ebay.com@itransaction-system.com"
Follow these steps:
1: Log in by clicking the link given above.
2: Verify who you are.
3: Your account will then be updated, you may continue using Ebay services with out any interruptions.
*** Please note: If you FAIL to update your account, it will be temporarily disabled.
We apologize for any inconvenience this may cause. The Ebay team is working hard to bring you the best services on the web.
Thank you for your business.
The Ebay Staff.
To: Seeking the truth
HI there friend!
I saw your name and remembered the new stickers...Did you get my yellow envelope and order?
How is everything going?
18
posted on
05/19/2003 2:18:17 PM PDT
by
3D-JOY
To: 3D-JOY
Got it and its already on its way back atcha! Thanks!
19
posted on
05/19/2003 2:22:30 PM PDT
by
Seeking the truth
(I'm going on the FRN Cruise - How about you? - Details at www.Freerepublic.net)
To: Seeking the truth
Good. Sometimes I forget to do what I planned.
Senior moments!!
20
posted on
05/19/2003 2:53:26 PM PDT
by
3D-JOY
Navigation: use the links below to view more comments.
first 1-20, 21-33 next last
Disclaimer:
Opinions posted on Free Republic are those of the individual
posters and do not necessarily represent the opinion of Free Republic or its
management. All materials posted herein are protected by copyright law and the
exemption for fair use of copyrighted works.
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson