[PLUG] Possible worm, the attachment is the text source listing of the email in question.

Wil Cooley wcooley at nakedape.cc
Wed Sep 10 20:33:02 UTC 2003


On Wed, 2003-09-10 at 20:14, Michael C. Robinson wrote:
> I think it's html code that is intended to infect Windows 2000.
> I'd be very careful about opening it on anything valuable.  Is 
> this a real worm or a nasty hoax?  It says in the message that
> your hard drive and motherboard will be destroyed.  It was 
> encountered under outlook which has that preview window.  Is 
> previewing a message equivalent to opening it?

Yes, previewing a message is equivalent to opening it, AFAIK.  But
there's no actual "interesting" code in the message you forwarded--it's
just some HTML with spammy comments.  I don't find anything on the
Sophos site about it being either a hoax or anything else; it's either
very new or just a one-off prank.

And by the way, if you genuinely think it's dangerous, doesn't it seem
like a really dumb idea to forward it to a mailing list?

Wil
-- 
Wil Cooley                                 wcooley at nakedape.cc
Naked Ape Consulting                        http://nakedape.cc
* * * * * * * Good, fast and cheap: Pick all 3! * * * * * * *
*   Naked Ape Consulting                http://nakedape.cc  *
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://lists.pdxlinux.org/pipermail/plug/attachments/20030910/39b60a0f/attachment.asc>


More information about the PLUG mailing list