Dilibrate VIRUS Attack!
 

I received a virus in StarTrekMod email account addressed to me. The person who sent this used my name and attached a virus to the email. This means that I am being targetted and will more than likely have to ask CNC to shut down the email services for the AST site.

http://forum.shrapnelgames.com/images/icons/icon9.gif

<font size="2" face="sans-serif, arial, verdana">What have we come to. Why would any one want to send me a virus? Go figure.

Re: Dilibrate VIRUS Attack!
 

Are you sure its not just an address book spamming virus on someone else's machine?

Re: Dilibrate VIRUS Attack!
 

SJ I am positive. Why would an address book for StarTrekMod use Atrocities and send me a virus attachment with the title Space Empires?

No this was a dilibrate assualt. If I had opened that file I would have been utterly screwed.

Re: Dilibrate VIRUS Attack!
 

The worst part is, what have you done except bring us wonderful Star Trek mod goodness?

What virus was it out of curiosity?

Re: Dilibrate VIRUS Attack!
 

Can you tell who it came from?

Re: Dilibrate VIRUS Attack!
 

The virus was embedded in an HTML document that was titled Space Empires.html

The virus detection software deleted it and I did not click more info so I do not know what it was specifically. I honestly thought it was just another worm virus randomly emailed. When I saw that it was addressed specifically to me, with space empires file attachement I was shocked.

Yes I have the email and name of the person who alledgedly sent the email, but that could easily be some pretending to be that person so I chose to keep the name private.

I mean why send a virus using your own name? The guy is either a genius or incredibly short sided. So I figure the name an email address, although linked, may just be an attempt to hide the real senders identity.

Either way it is most distrubing.

Re: Dilibrate VIRUS Attack!
 

Thats what I don't like about emails you cant tell who sent them for sure. The whole system should be reworked to be more secure becuase of things like this and more and more people are using email instead of normal mail. There is no way to completely code a brand new system and get everything and everyone to use it though.

[ March 26, 2004, 00:53: Message edited by: Combat Wombat ]

Re: Dilibrate VIRUS Attack!
 

This would be incredibly ironic if it was simply your virus scanner being paraniod.

Re: Dilibrate VIRUS Attack!
 

I had considered that Narf. Believe me I have.

Re: Dilibrate VIRUS Attack!
 

Here is the description of the virus that AT was sent

http://securityresponse.symantec.com...tsky.c@mm.html

Re: Dilibrate VIRUS Attack!
 

Atrocities, I just sent you an e-mail apologizing for the virus sent to you . I enjoy everything you have done for SEIV in general and this mod in particlular and would not do anything to hurt you or anyone ,but to accuse someone of being a diabolical mastermind focusing on just you is ludicruss . I e-mailed you because you requested my game files because I was have a problem with the game which I thanked you for as you helped me out once before .Everyone out there reading this has more knowledge about computers and software in your little pinkies than I have all toghther . Please forgive my babbling and spelling as I'm very upset at the moment. By the way my e-mails do state that " all attachments are protected by macafree securities" and I do have the Norton's software installed in my computer . So please take my word that nothing was done intentioally and I'm sorry for any inconvience I've caused you , Atrocities

Re: Dilibrate VIRUS Attack!
 

Thanks CW for helping figure out what was sent.

Re: Dilibrate VIRUS Attack!
 

<font size="2" face="sans-serif, arial, verdana">You may not have sent the file. From what we can tell it was a virus maskerading as an HTML file.

Save Games are not HTML format. Therefore the files you sent were not the files I received. This means that at some point those files were changed. Now how could that have occured? I am left to beleive that who ever sent me this file (the HTML one) did so by hyjacking your email. Again why would they do this? I simply do not know.

I did not use names, and I do not believe you had anything to do with it so rest easy.

[ March 26, 2004, 01:51: Message edited by: Atrocities ]

Re: Dilibrate VIRUS Attack!
 

Atrocities, thank you !

Re: Dilibrate VIRUS Attack!
 

It is most likely the virus masquerading itself by using his email, I just had this same problem with my AKO account when the Army computers where hit and I was one of the unlucky ones to have my email pulled. I have already gotten back several Messages complaining that I sent them a virus when I didn’t. That is why I was asking if you knew who it was from. It may not be on your computer mrscrogg, it may be in the server that your mail routes through. In any case I would check to make sure that your virus software is up to date.

Re: Dilibrate VIRUS Attack!
 

Had the same **** 30 minutes ago !!

one mail adressed to me personally (same as AT)
The text said : turn attached (I'm playing some PBEM's), but NO subject.

Because I didn't know the name of the Sender I didn't trust it and deleted the message, only than Norton came alive (I guess he was sleeping) and warned me.

Weird, I'm affraid someone from PBW or this forum is f*cking.

Re: Dilibrate VIRUS Attack!
 

Netsky will look for and use saved sent email on some systems as an address/subject line source. This is a new addition to the virus that has only been recently seen. It almost forced us to take our external email system down this week. We couldn't use the filters we normally use, and the load with the scanning filters was killing the mail server. We were recording over 600 hits an hour.

Re: Dilibrate VIRUS Attack!
 

<font size="2" face="sans-serif, arial, verdana">IP ver.6 and scanning backbone routers will fix most of this. But then it will also place some limits on the open-ness of the internet.

[ March 26, 2004, 21:30: Message edited by: Thermodyne ]

Re: Dilibrate VIRUS Attack!
 

Here is my conversation with the tech support people when I called about my other email account (paraphrased) that was hit by something similar:

The virus (maybe they said worm I honestly can’t remember) pulled some accounts, wrote Messages using addresses and subject lines from my [undeleted] out box, then attached its self (I am pretty sure they said as html code) and went out. For those address I had never written to (Microsoft was one) it included a generic subject line.

That is to the best of my memory and I hope it sheds some new light. It sounds like Thermodyne experienced the same thing, but I had it happen to me Last week.

[ March 26, 2004, 21:40: Message edited by: President Elect Shang ]

Re: Dilibrate VIRUS Attack!
 

We all get the Masqurading Emails all the time. Hell I got one from Malfador a week or so ago. That is all find and dandy, we have learned to ignor most of these.

Its when the email is sent to another account, one that does not have your name, and includes text that addresses you BY name that has me worried.

This is what happened. I believe at some point some hacker/virus maker came up with a way to "hijack" your email and substitute a virus for a file your emailing, or simply attack itself to the email as an HTML doc.

The HTML doc. I recieved was titled Space Empires.html (Hidden was the .src extention)

I don't know what to say other than we are all at risk. Hell for all I know my system could be infected and sending out random emails with virus attachements despite my Anti Virus software and PestPatrol anti pest software.

These viruses are afterall, how Nortan and McAfee (same company) stay in business.

(Hummmmmmm, I wonder who it could be making these new viruses??? Duhhhhhhhhhhhh)

Re: Dilibrate VIRUS Attack!
 

I figured that out on the day I had to pay ( $€$€$€$ ) for my first virus-scanner.

Re: Dilibrate VIRUS Attack!
 

<font size="2" face="sans-serif, arial, verdana">1. Do not use Internet Explorer
2. Do not use Outlook
3. Do not open executable email attachments
4. Do not download and execute files unless you absolutely trust the source

Little to no risk left.

Ok, I forgot:
5. Do not use Win2k or WinXP unless you really, really know all the things that must be done to prevent them accessing the internet, and download and execute files without your knowledge.

Re: Dilibrate VIRUS Attack!
 

<font size="2" face="sans-serif, arial, verdana">1. Do not use Internet Explorer
2. Do not use Outlook
3. Do not open executable email attachments
4. Do not download and execute files unless you absolutely trust the source

Little to no risk left.

Ok, I forgot:
5. Do not use Win2k or WinXP unless you really, really know all the things that must be done to prevent them accessing the internet, and download and execute files without your knowledge. </font><hr /></blockquote><font size="2" face="sans-serif, arial, verdana">Ya ya ya


Just use a firewall and get an antivirus subscription. Yhen use the security settings that are included with IE6 and Outlook. You'll be fine.

Re: Dilibrate VIRUS Attack!
 

Well I hope when OneWebHosting brings there email filters on line I won't have to worry to much about getting email viruses.

They are down now. Only received about six today over all my accounts. http://forum.shrapnelgames.com/images/icons/icon7.gif http://forum.shrapnelgames.com/images/icons/icon7.gif http://forum.shrapnelgames.com/images/icons/icon7.gif

Re: Dilibrate VIRUS Attack!
 

<font size="2" face="sans-serif, arial, verdana">1. Do not use Internet Explorer
2. Do not use Outlook
3. Do not open executable email attachments
4. Do not download and execute files unless you absolutely trust the source

Little to no risk left.

Ok, I forgot:
5. Do not use Win2k or WinXP unless you really, really know all the things that must be done to prevent them accessing the internet, and download and execute files without your knowledge. </font><hr /></blockquote><font size="2" face="sans-serif, arial, verdana">Ya ya ya


Just use a firewall and get an antivirus subscription. Yhen use the security settings that are included with IE6 and Outlook. You'll be fine. </font><hr /></blockquote><font size="2" face="sans-serif, arial, verdana">So, What anti-virus / firewall software does everyone use? I'm currently using Panda 7 w/ the built-in Sygate firewall.

Re: Dilibrate VIRUS Attack!
 

<font size="2" face="sans-serif, arial, verdana">Antivirus software needs time to react and update, so there is a timespan when you are vulnerable.
And you really believe that IE and Outlook do NOT have any security loopholes at the moment? Would be the first time in history. Next virus exploit followed by next patch followed by next virus exploit followed by next patch andandand will follow for sure. And you really believe that the security settings are there to help you and not just eye candy while the program continues to support spyware? BHO, anyone?
I have ceased to help people with comp probs who continue to use IE/Outlook against my advice. I just don't have that much time at hands. It's a neverending battle that can't be won.

Re: Dilibrate VIRUS Attack!
 

<font size="2" face="sans-serif, arial, verdana">Antivirus software needs time to react and update, so there is a timespan when you are vulnerable.
And you really believe that IE and Outlook do NOT have any security loopholes at the moment? Would be the first time in history. Next virus exploit followed by next patch followed by next virus exploit followed by next patch andandand will follow for sure. And you really believe that the security settings are there to help you and not just eye candy while the program continues to support spyware? BHO, anyone?
I have ceased to help people with comp probs who continue to use IE/Outlook against my advice. I just don't have that much time at hands. It's a neverending battle that can't be won. </font><hr /></blockquote><font size="2" face="sans-serif, arial, verdana">The main problem is that when 90% of the people are using Windows / IE / Outlook, that's where the hackers/crackers are going to target their attacks. Mac Users brag that they don't need AV, but no hacker wants to waste their time going after a mac when it's such a small percentage.
Outlook Express is another story, since it's, well, obsolete and not going to be upgraded.
I've been using Foxfire for my brousee & Thunderbird for my mail (as you can see, I'm cheap & go for free), I also use mozzilla as a secondary setup.
Av I've been using Panda 7 Platinum (if your an IT pro, you can probably get it for free). I've tried McAfee, Kaspersky, NAV (I couldn't get it off my system fast enough. And it wasn't easy to get it off! It's almost a virus in itself!). Panda, although it is lacking in the appearance of it's GUI, seems to work pretty good, and has a few nice features. If you have dial-up, like me (Alright, I'll just wait until everybody stops laughing.........), as soon as it detects that the internet is Online, it does an update. It also handles network drives. It has a built in firewall (Sygate). Now I'm sounding like a salesman, sorry. Anyways, it seems to work well for me.
I also have Spybot & Ad-Aware scheduled to run daily. I also NEVER NEVER open attachments unless it's from someone I know & I'm expecting it.

Re: Dilibrate VIRUS Attack!
 

Thier is another option, you can add a MailSweeper program to ensure that your email program only downloads to emails you want to see.
It will also help in dealing with spam. A free one available is MailWasher
At Work we get on average 100-400 Viruses a day and and at least that many spam emails too, so our MailSweeper is a lot more advanced than MailWasher, but it seems like a good home application.

Re: Dilibrate VIRUS Attack!
 

[quote]Originally posted by Baron Grazic:
Thier is another option, you can add a MailSweeper program to ensure that your email program only downloads to emails you want to see.
It will also help in dealing with spam. A free one available is MailWasher
At Work we get on average 100-400 Viruses a day and and at least that many spam emails too, so our MailSweeper is a lot more advanced than MailWasher, but it seems like a good home application. [/QUOTE

for me, e-mail viruses aren't a problem. I have my e-mail address that was set up by my ISP, but I only give that address to immediate friends & family. All others get a yahoo / Hotmail address, and most of thos e-mails get deleted w/o a look. I NEVER download an attachment unless I'm expecting it. Even w/ the PBW, I have my account set up to not e-mail a file. I download it myself.

Something else of interest. M$ had it (May still have it) where they would mail you a free CD w/ all the security updates to date. I've had it setting on my desk for a couple days & just opened it. They also included a 1 year trial of CA EZ Armor LE Antivirus & firewall. I don't have a place for it now, but I'll need to check it out. Anybody ever used it?

Re: Dilibrate VIRUS Attack!
 

I just check Micosoft site & you can still get CD. If anyones intersested, go to:
www.microsoft.com/security/protect/

Re: Dilibrate VIRUS Attack!
 

The ONLY way to TRULY protect yourself from virii/worms is to never connect and never put any disks in your computer... http://forum.shrapnelgames.com/images/icons/icon12.gif

I mean, even the "protector software" is vulnerable. Any one read of the recent problem with ISS's BlackIce product?

http://security.itworld.com/nl/security_strat/03302004/

Scary, eh?... http://forum.shrapnelgames.com/images/icons/shock.gif http://forum.shrapnelgames.com/images/icons/icon10.gif

EDIT: I just wish mail server admins would turn off the "Sender Notification" of their virus checkers - they're almost always coming from spoofed / hijacked addresses anyways. They're just adding to the problem IMO.

[ March 30, 2004, 19:45: Message edited by: rdouglass ]

Re: Dilibrate VIRUS Attack!
 

<font size="2" face="sans-serif, arial, verdana">Agreed.
I've already done that here. The only alert emails are to our staff.