|
 |
|
 |
| Tuesday, February 07, 2012
|
| Register Login |
 |
|
|
|
|
Users currently online
|
 |
|
|
|
 |
Membership: |
 |
Latest:
kevin |
 |
New Today:
0 |
 |
New Yesterday:
0 |
 |
Overall:
56 |
 |
People Online: |
 |
Visitors:
4 |
 |
Members:
0 |
 |
Total:
4 |
Online Now:
|
|
|
|
|
|
|
|
|
|
Welcome to the Viruswarning forums. All your original content has been ported to the new forums as well as new content and additional opportunities to interact with the authors of Viruswarn.com. You can always access old content at www.leedrake.com/forum . You may find some formatting was lost in the conversion and the older versions of the posts to be more readable....
But at least it's all here.
Enjoy!
|
|
|
|
|
|
Viruswarn Forums
|
|
|
|
|
| You are not authorized to post a reply.
|
|
| Author |
Messages |
|
EldAztek
Posts:0
 |
| 05/12/2003 9:03 PM |
|
| What is it?
Fizzer is a new virus, currently spreading across Asia. It uses the usual email delivery methods, including multiple different attachments types and variable headers. As such it should be caught by up to date virus software running against your email client. This virus is actually spreading faster using Kazaa shares than via traditional routes. I've written about Kazaa before - it's a file-sharing program that people use to download music (usually illegally). Kazaa allows you to retrieve music from pirate music sites (as well as legitimate ones), and allows you to share a space on your hard drive so that people can download music from you. Besides being a bandwidth hog, over 90% of the files passed in Kazaa are copyright violations. As such, the RIAA and other authorities have taken a dim view of people using the system, including prosecuting those that they can find, offering "decoy" sites to collect the IP address of the person visiting the site for later prosecution, working directly with colleges to prosecute students who are the largest violators of copyright laws using this technology.
There's no two ways about it - you can "justify" Kazaa any number of ways (I'm just "trying" the music is the favorite) - but it's completely illegal to download copyrighted music or movies using the service. You cheat the artists, the labels, the manufacturers and the stores out of a fee that is rightfully theirs. Not only that but - it's a HUGE security risk. Think about it - you're downloading files from shares that people have set up on their systems and made public. ANYTHING could be on those shares, named whatever a creative virus writer wishes to name it. It's very easy for viruses to spread this way - it's yet another vector for files to get onto your system (as if there weren't enough already). It's a particularly dangerous one since almost everyone using it knows that it's illegal, and doesn't realize the security ramifications of opening their systems up.
In company systems the risk is three fold - you have a risk of virus infection of your personal workstation, if you're storing your large music files on that nice fat file server you have, you're risking infecting your server, AND you're risking prosecution for music piracy for the entire company. This is regardless of whether you are the one personally downloading - the company is at risk if ANYONE is downloading, and believe me that the RIAA is looking for excuses and opportunities to prosecute. It's easier to track down a company IP address than a home one - they're usually fixed. And companies have deep pockets.
This worm also has the usual other infection methods including address book and internet cache reading of emails, manufacturing emails, AIM, IRC, ICQ, Windows shares, and AOL. The program installs a remote control Trojan, a web server to monitor status (That responds on port 81), and a key logging program to record all your keystrokes as you enter passwords etc. It turns off most popular antivirus programs and Zone alarm if it has an opportunity to run.
What should you do?
I'd strongly recommend that anyone using Kazaa remove it. Kazaa is easy to uninstall - just go to add/remove programs and uninstall it. If you absolutely must use it - don't use it from work or at work - put it on a separate home machine and be darn sure you have aggressive real-time file scanning turned on.
If you must use Kazaa, be sure that the system you use it on is file scanned DAILY (in addition to real-time scanning), at least in your download directory files in order to avoid running into problems with virused files slipping past the door as download files. Be sure to scan ALL EXTENSIONS in the shared or download directories - not just executable extensions.
Keep good, up to date virus signatures, and be sure your virus software is updating.
Never open attachments that are executable
Be sure that your Outlook or Outlook Express or other email program is operating in the "Restricted zone" and that you have attachment suppression turned on.
Run a program such as Zone-Alarm to prevent programs from running on your machine and accessing the internet without your knowledge
For more information:
http://news.com.com/2100-1002_3-1000985.html?part=dht&tag=ntop
http://www.sarc.com/avcenter/venc/data/w32.hllw.fizzer@mm.html
http://vil.mcafee.com/dispVirus.asp?virus_k=100295
This concludes this viruswarning notice dated 5/12/2003.
Lee Drake
Aztek Computer Solutions, Inc.
39 N. Goodman St.
Rochester, NY 14607
585-242-2060
For past archives of viruswarning files see:
http://www.leedrake.com/forum/default.asp?CAT_ID=2
To unsubscribe to this newsletter send me an email at:
imailsrv@azcomputer.net
And in the body type in:
Unsubscribe viruswarning
|
|
|
|
|
|
| You are not authorized to post a reply. |
|
|
|
ActiveForums 3.6
|
|
|
|
|
|
|
|
|
|
|
|