Skip to comments.
"Osama Bin Laden Captured" [VIRUS ALERT]
Spam Message That Downloads a Trojan
http://www.prnewswire.com/cgi-bin/stories.pl?ACCT=109&STORY=/www/story/04-22-2004/0002157853&EDATE= ^
| 4-22-04
| PANDA
Posted on 04/22/2004 11:02:34 AM PDT by OXENinFLA
Panda Software Reports a Spam Message That Downloads a Trojan
The message is sent with the subject field: Osama Bin Laden Captured
GLENDALE, Calif., April 22 /PRNewswire/ -- Panda Software's PandaLabs has detected a spam message currently being sent to users which tries to get recipients to visit an advertising page and which also downloads a Trojan to users computers.
The characteristics of the message are:
From: the name of the sender is variable, although it tries to make recipients think it has been sent by the BBC or CNN.
Subject: "Osama Bin Laden Captured",
Message text: "Hey, Just got this from CNN, Osama Bin Laden has been captured! Goto the link below to view the pics and to download the video if you so wish: (Internet address) "Murderous coward he is". God bless America!".
The address indicated in the message takes users to what appears to be an advertising page. However, the page contains code that exploits a vulnerability (detected by Panda antivirus as Exploit/MIE.CHM). The code also downloads and runs a file (detected as VBS/Psyme.C). Finally, a file called EXPLOIT.EXE, which contains the Trojan Trj/Small.B is downloaded from Internet onto users' machines.
TOPICS: Announcements; Business/Economy; Crime/Corruption; News/Current Events; War on Terror
KEYWORDS: binladen; panda
BE CAREFULL I JUST FOUND THIS !!
1
posted on
04/22/2004 11:02:35 AM PDT
by
OXENinFLA
To: OXENinFLA
ouch, NASTY!
2
posted on
04/22/2004 11:04:00 AM PDT
by
Monty22
To: StriperSniper; Mo1; Peach; Howlin; kimmie7; 4integrity; BigSkyFreeper; RandallFlagg; ...
VIRIUS ALERT!!
3
posted on
04/22/2004 11:04:26 AM PDT
by
OXENinFLA
To: OXENinFLA
I was wondering todays "OBl Captured" rumor came from.
To: OXENinFLA
This came to me today. I hadn't seen any news about Osama here at Freerepublic so I thought it had to be a virus and I deleted it. Usually the layers of anti-virus protection I have deletes these things before I get them.
Who would have thought that FR would be my last line of defense!
Thank you, FreeRepublic!
5
posted on
04/22/2004 11:14:57 AM PDT
by
Waryone
To: Waryone
Funny this is I have Panda and I found this only after looking for stories about UBL being captured. Go figure.
6
posted on
04/22/2004 11:17:29 AM PDT
by
OXENinFLA
To: OXENinFLA
Thanks for the warning!
7
posted on
04/22/2004 11:21:30 AM PDT
by
Not A Snowbird
(You need tons click "co-ordinating")
To: OXENinFLA
detected by Panda antivirus as Exploit/MIE.CHM
So, it only affects Microsoft Internet Explorer. If you would rather spend more time enjoying the net than worrying about MSIE, there are alternatives:
Netscape (It's built-in pop-up blocker is 99.99% effective.)
Opera
Security through obscurity.
8
posted on
04/22/2004 11:49:12 AM PDT
by
holymoly
("A lot" is two words.)
To: OXENinFLA
Already been through my company; keep a record of who you got it from - it can be useful to know who the real dummies are..
9
posted on
04/22/2004 12:01:58 PM PDT
by
Redbob
To: OXENinFLA
Goto the link below to view the pics and to download the video if you so wish: "...if you so wish"? This virus wasn't written by a native English speaker.
I hope nobody's dumb enough to fall for this. After all, when Osama (or his mangled corpse) is captured, we'll hear about it first on...FR!
10
posted on
04/22/2004 5:29:19 PM PDT
by
wimpycat
("The road to the promised land runs past Sinai."-C.S. Lewis)
To: OXENinFLA
Thanks for the heads-up!
To: wimpycat
I got one last night that advised me to send my ATM pin and account number to a website that was only a string of numbers and a .nu domain.
Naturally, I complied immediately!
To: holymoly; All
13
posted on
04/23/2004 1:25:36 PM PDT
by
Just another Joe
(Warning: FReeping can be addictive and helpful to your mental health)
To: OXENinFLA
The first clue is "goto Cnn".
To: WhistlingPastTheGraveyard
ping...
15
posted on
04/23/2004 11:44:17 PM PDT
by
cgk
Disclaimer:
Opinions posted on Free Republic are those of the individual
posters and do not necessarily represent the opinion of Free Republic or its
management. All materials posted herein are protected by copyright law and the
exemption for fair use of copyrighted works.
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson