MSN Home  |  My MSN  |  Hotmail
Sign in to Windows Live ID Web Search:   
go to MSNGroups 
Free Forum Hosting
 
Important Announcement Important Announcement
The MSN Groups service will close in February 2009. You can move your group to Multiply, MSN’s partner for online groups. Learn More
Quantock School old Boyz and Girls[email protected] 
  
What's New
  
  Message Board  
  Pictures  
  QS Photos (64-98)  
  Quantock Staff  
  Member Zone  
  To Do List  
  QS World Map  
  FAQs  
  Reunions  
  Reunion Photos  
  Other Links  
  QS Shop  
  QS HELP  
  Documents  
  Abuse  
  Friend Finder  
  Testimonials  
  Tshirt  
  Picture Index  
  
  
  Tools  
 
Virus Updates : Virus: Badtrans
Choose another message board		  
     
Reply
 Message 1 of 1 in Discussion 
From: Mike (Blakey)  (Original Message)Sent: 11/28/2001 9:59 PM
Hello people,
 
I'd not normally write about non-Quany stuff on this site but I've started getting numerious messages contain the Badtrans virus (if I get one from you I'll let you know).
 
The problem with this virus was that the virus was inadvertently helped by BT Openworld, which accidentally e-mailed a copy of the virus to its customers. It is spread vai Microsoft Outlook and Outlook Express address books. 
 
Look out for attachments that are 40k in size with any of the following titles:
humour
docs
s3msong
me_nude
card
searchurl
you_are_fat!
news_doc
images
pics
all the ones I've got have had the extension: ".MP3"
 
The follwoing was taken from the BBC website: (http://news.bbc.co.uk/hi/english/sci/tech/newsid_1678000/1678578.stm)
 
A sneaky Windows computer virus is circulating that tries to install software that monitors what users are typing and passes it to the malicious program's creator.

Like many of the other computer viruses that have struck in recent months, BadTrans-B attempts to spread by exploiting weaknesses in Microsoft e-mail programs.

One anti-virus company has caught over 20,000 copies of the virus in the last 24 hours.

The UK, Germany and US are the countries most seriously infected by the virus.

Old holes

The BadTrans-B virus is spreading swiftly because, unlike many other e-mail viruses, the pernicious payload that helps it raid Microsoft Outlook address books does not have to be clicked on to set it off.

Simply previewing the item could cause infection. The loophole the virus exploits was first discovered in early 2001.

Badtrans-B file names
humour
docs
s3msong
me_nude
card
searchurl
you_are_fat!
news_doc
images
pics
"It's baffling to find that even though Microsoft secured that hole eight months ago, many users have still not applied the patch," said Graham Cluley of anti-virus firm Sophos.

When the virus mails itself to the contacts in the address books it raids, the virus uses a subject line from an existing message to make it appear to be a legitimate reply.

The virus also regularly swaps the name of the attachment travelling with it, in an attempt to conceal its pernicious payload.

BadTrans-B is a variant of the original BadTrans virus that was first discovered in April.

BT Openworld error

As well as raiding Outlook and Outlook Express address books, the virus also tries to implant a hidden program that tries to send an identifying net address to the author of the virus.

The hidden program also monitors what users are typing and the information it tracks could be used by a malicious hacker to steal credit card information or passwords for websites.

Britain seems to have been hit hard by the BadTrans-B Windows virus. Anti-virus firm Message Labs, which logs the numbers of pernicious programs it traps, has caught over 21,000 copies of BadTrans-B in the last 24 hours. Over 50% of these originated in Britain.

The spread of the virus was inadvertently helped by BT Openworld, which accidentally e-mailed a copy of the virus to its customers.

 



First  Previous  No Replies  Next  Last