Yesterday I received a friendly message from someone, asking me for any "advice" on an attached file called ACPexe1_7.exe. I wrote back asking for some context - who he was, what was the file, why talk to me, and so on.
I did not open/run the file. It ended with "exe" after all.
Today I received a "message returned" postmaster letter, stating that the alias (Bryan_Scott_Hefner) was unknown/illegal.
Ah ha, thinks I, and deleted the bejeezus out of the original letter.
The text of that letter was friendly, flattering, and entirely vague - it did not have any mention of RPGs or any other thing, it mentioned nothing about the purpose of the file, and it just oozed familiarity, as if the fellow and I had already exchanged a few letters.
Beware, everyone. The fuckers DO exist.
Best,
Ron
Yup. There are a slew of nasty viruses out there that have exactly that type of message, along with a payload of evil file-destroying content. One of the newest is called "sircam.exe" and contains the message:
"Hi! How are you?
I send you this file in order to have your advice
See you later. Thanks"
This virus reproduces by using the the ol' "send to everyone in your address book" method. Obviously, never run any weird .vbs or .exe file...or allow macros in any Word/etc. document.
And don't talk to strangers, even if they DO have the best candy.
Hey Jared,
That was the EXACT text of the message, as it happens.
Best,
Ron
Hmm. One wonders if a "cyber-Sorcerer" chronicle could be run, with viruses and other computer programs being the "demons".
(Seth scratches his head and thinks.)
That's the last thing we need is the FBI busting in on Ron's house and giving him the ol' Steve Jackson Treatment. :wink: Heck, for all I know, Ron may have a dog, and SWAT teams seem to be obsessed with shooting dogs.
Best,
Jim
About once every two months I get something like that too, but the text of the message looks like bad notes from a meeting.
Computer Viri as demons wouldn't be a bad idea. It sounds a lot like the whole "Ghost In The Machine" idea. The thing probably should be written by somebody with a computer security background though (Clinton, you listening). I've got just enough of a security background that I can sniff out when an author is BSing the technical stuff, and it grates. Best that a non-technical author shouldn't try to get technical.
I just got this virus emailed to me. It came anonymously. The text of the email was exactly the same as Jared described. The attached file was named risus15.zip.pif, although the .pif extension was not visible within Windows Explorer. I think I need to have a conversation with S. John Ross.
If you want the details, take a look at:
http://www.symantec.com/avcenter/venc/data/w32.sircam.worm@mm.html
The virus is apparently clever enough to name its' attachment after a file on the (unsuspecting) sender's computer.
Gordon C. Landis
Hey Gordon,
Yeah, I was joking about taking my ire to S. John Ross. I doubt my email address is on his computer. However, with the virus supposedly getting its name from a random file on the sender's infected computer, it just so happens I got something I recognize. So I know from the Risus filename that it was some gamer I've corresponded with who must have sent it to me. It's disappointing actually. I wish I could blame it on my stepdad.
Paul
Quote
On 2001-07-26 00:57, Paul Czege wrote:
Yeah, I was joking about taking my ire to S. John Ross.
No, no, take your ire to him - I understand he's running out and needs more :wink:
Gordon C. Landis
I just got an email much like the one's you describe--here's a generic email with an attachment I won't describe for you to look at.
Riiiiiight. Delete. Bye bye, sucker.
Quote
So I know from the Risus filename that it was some gamer I've corresponded with who must have sent it to me. It's disappointing actually.
Whoever you got the virus from doesn't know they sent it to you. SirCam reads your outlook address book and sends a random file to people in the address book. The person using the computer doesn't know what's going on. They're innocent (apart from being stupid enough to open an infected file....)
Quote
On 2001-07-24 19:36, GreatWolf wrote:
Hmm. One wonders if a "cyber-Sorcerer" chronicle could be run, with viruses and other computer programs being the "demons".
Wait a week!
Quote
On 2001-07-25 23:43, Paul Czege wrote:
The attached file was named risus15.zip.pif, although the .pif extension was not visible within Windows Explorer. I think I need to have a conversation with S. John Ross.
I'm not sure what this virus does, but I can tell you that it was written with Delphi. I'm also going to go out on a limb and suggest that it was targetted at members of this board, considering how many people here have received it, and the specificity of the message.
Yesterday was a banner day, with two separate viri arriving in my mainbox.
shit. this is all my fault.
Actually it isn't my fault, it's the fault of the guy who sent me the damn thing in the first place. But I was stupid and opened it and now it spreads.
Damn damn damn
I wonder why the virus used "Risus15.zip" as a name and not "Elfs.zip"? hm... descructive and biased...
Quote
I'm also going to go out on a limb and suggest that it was targetted at members of this board, considering how many people here have received it, and the specificity of the message.
Don't get too paranoid, Clay, this virus was reported in the wild a week before anyone on the boards here got it.
I got that Risus.zip one as well - which I thought was weird due to it being role-playing related. It asked me to check it out and tell 'him' what I thought.
Since it was a .zip and the sender was an invalid address I just deleted it - which bastard has me in their address book then? :smile:
Saying that I believe MJ sent an apology to a few people because his computer was infected - whether this is related I have no idea.
Quote
On 2001-07-31 08:21, Ian O'Rourke wrote:
I got that Risus.zip one as well - which I thought was weird due to it being role-playing related. It asked me to check it out and tell 'him' what I thought.
Since it was a .zip and the sender was an invalid address I just deleted it - which bastard has me in their address book then? :smile:
Me too. No return address, so I killed it. I am on that list as well it would seem. Almost fell for it because people have been sending me lots of stuff of late.
And I have gotten mail from MJ before. Hmmm.....
Mike Holmes
I can tell you it's got nothing to do with this board. I received one of these over a month ago, and I've only recently arrived here in the last week or so.
The first piece of advice is don't run any attachments you didn't ask for specifically, even from someone you know. If it is from someone you know, you can confirm the validity of the file. If not, then they have no business sending you files to begin with.
Also, these things seem to rely on Outlook to spread. If you use a different email program, you reduce the risk of infecting others (unless someone's modified the code recently).
Just a few little snippets to be the helpful superhero I am.
First off, it's not just outlook users that need to be wary.
Outlook is a prime target for virus/worm spreading, but and SMTP, PPP, or POP3 address book can be used. I just put up with a nasty little CodeRed outbreak here at work that attacked our users all over the place. We had one person who's machine was sending out 2-3 hundred emails every second hour. The beauty of this particular virus was, he was using a Novell based email client and it was able to replicate and send itself using our Novell, NT, and SMTP clients. It's been said a billion times, but it can't be said enough: As a rule don't open unsolicited email, and NEVER EVER EVER EVER EVER open a file attachment sent via email that you did not SPECIFICALLY request. It's sad, as indie gamers we want to help people out, but your own mother could email you a destructive virus without knowing it. For those of you who get sick and tired of getting viruses emailed to you and want to do something about it..
when you recieve a virus or possible virus in your email:
First notify YOUR isp.
Then notify Thier isp.
if they use a free email client such as hotmail or yahoo don't let that stop you from contacting people. Contact hotmail or Yahoo and tell them that such and such user was sending viruses. Sending computer viruses over the internet is a Federal crime and as such, can be investigated in completion. Which means, if said person has caused damage (especially in a government system) then they WILL be backtraced and they'll find out who "supersexygirl@hotmail.com" is. There is very little true anonymity on the internet, and certainly not as much as people think there is.
Hope this is helpful, if anyone here has any security or technical questions feel free to drop me a line.
If you are wondering whether or not I'm qualified to give advice on this matter...
Well :razz: any of you in the U.S.of A. paying taxes are already paying me to do it anyway.
T
Thanks for the info. It seems the little bastards have been working overtime (Though when haven't they been; Anyone remember the Jerusalem-B virus? Or the Pakistani Brain?).
Gentlemen etc,
I believe this thread is now dead. Please let it lie.
Best,
Ron