‘Life Owner’ won’t delete your data!

Paul1 Reply

I received this email from a friend and wanted to talk about this:

VERY IMPORTANT , PLEASE READ THIS

Anyone-using Internet mail such as Yahoo, Hotmail,
AOL and so on.

[ad#ad2-right]This information arrived this morning,
Direct from both Microsoft and Norton

Please send it to everybody you know who has
access to the Internet.

You may receive an apparently harmless e-mail titled ‘Mail Server Report’

If you open either file, a message will appear on your screen saying:
‘It is too late now, your life is no longer beautiful.’

Subsequently you will LOSE EVERYTHING IN YOUR PC,
And the person who sent it to you will gain access to your
name, e-mail and password.

This is a new virus which started to circulate on Saturday afternoon.
AOLhas already confirmed the severity, and the anti virus software’s are not capable of destroying it.

The virus has been created by a hacker who calls himself
‘life owner’.

PLEASE SEND A COPY OF THIS E-MAIL
TO ALL YOUR FRIENDS, And ask them to
PASS IT ON IMMEDIATELY!

THIS HAS BEEN CONFIRMED BY SNOPES.

http://www.snopes.com/computer/virus/mailserver.asp

After doing my little research, I’ve come to the conclusion that this is nothing more than a warning that someone went over board on. I’ve check this on Snopes and it says that:

This latter version is difficult to classify as either “true” or “false”: The virus it references (i.e., the Mail Server Report worm) was a real one, but it’s neither new nor currently rampant (as claimed in the warning text), nor does it manifest itself in the fashion described (since the “symptoms” provided in the warning are merely a reworking of the text of an earlier virus hoax). All in all, that message doesn’t really merit the dire warning to “SEND A COPY OF THIS TO ALL YOUR FRIENDS, And ask them to PASS IT ON IMMEDIATELY!”

I decided to send a reply to my friend who email me this “Warning” and tell him this:

[ad#ad2-left]Although,  This is a real worm.  It however is over hyped and under no circumstances will it delete your files.   I’ll quote from F-secure:

Warezov.W is a mass-mailing worm that sends itself as e-mail attachments to addresses found on the infected computer.

Typically, a mass-mailer arrives on a computer with an infected e-mail message. In some cases, the infected attachment can start automatically. In other cases, the system is infected when the user opens the attachment. When a typical mass-mailer is activated, it installs itself to the system and creates a startup key for itself in the Windows registry. It then stays active in the system’s memory. While active, the mass-mailer searches for specific files (HTML files for example) on all available hard disks for e-mail addresses. Finally, it connects to an available mail server and sends itself to all the addresses it has found.

Aside from this, Warezov.W also downloads another worm variant from a specified website on the Internet.

According to all my sources is if you are worried about this worm, then I highly recommend a good Anti-virus and Software firewall.   This worm is easily detected by all the free anti-virus software out there.    I like AVG because it scans all incoming emails before you even touch the email.   Please don’t forward that to anyone else it seems to be an old email warning that isn’t really a warning anymore.   It seems to be a scare email where there is no real chance of your data going bye bye.   Just thought you’d like to know!!

So I tell you this, if you have any question of the likely hood of any emails you happen to come buy, you best best it to google it or ask your friend before you open the email up.   It is best also to scan all email attachments before even considering opening them.

Valentine’s Day Brings More Malware!

Paul

Panda Labs talks about this new technique where it tries to install W32/Waledac.C.worm under the thought of someone special. It sends out email to people hoping to click links such as:

    [ad#ad2-right]

  • hxxp://goodnewsreview.com

  • hxxp://worldnewseye.com

  • hxxp://www.spacemynews.com

  • hxxp://www.worldnewsdot.com

  • hxxp://www.worldtracknews.com

  • hxxp://www.wapcitynews.com

  • hxxp://linkworldnews.com

  • hxxp://goodnewsdigital.com

  • hxxp://waleprojekt.com

  • hxxp://expowale.com

  • hxxp://topwale.com

  • hxxp://waleonline.com

  • hxxp://goodnewsdigital.com

  • hxxp://wapcitynews.com

  • hxxp://bestgoodnews.com

  • hxxp://spacemynews.com

  • hxxp://linkworldnews.com

Once your at the site,  clicking on the hearts you would then download an file that is the worm!!  SO here are some things to remember.

If you don’t know the person, then it’s probably spam.   If you know the person you need to ask them before you run the program.   You also need to scan any downloads before you run them.  Go to my Malware Page and get a free Anti-virus and Firewall.  For the likely possibility this worm seems to search the computer and harvest email addresses, you should also warn the person who email you the link to let them know that they are infected.

MikeTechSHow Listener Roundtable Jan 24, 2009

Paul

We had a great discussion on Windows 7 Beta and I wanted to post this so people can download it and check it out themselves.    You have an idea for the next round table, just leave a comment and I’ll let Mike know.   I enjoyed this one so much and can’t wait for the next one!!

Miketechshow Listener Roundtable

[If your at my post, Hover over link to listen to it]

Show Links –

Please feel free and visit the Miketechshow website, and if you like his site please come back.  Don’t forget to visit the Miketechshow Forums and check it out.  Who knows you might be able to help someone out from time to time.

Brace for Impact, Brace for Botnet! (Conflicker Worm)

Paul

The Worm that has infected 6% of Personal Computers is starting to build into something totally different.  According to some Researchers, they are saying this has to happen soon. And I’ll quote:

In any case, today seems better than the day before and we think that growth of Downadup has been curbed. Disinfection of the worm remains a challenge.

[Via F-secure]

[ad#ad2-right]Although this sounds like it has stopped, I don’t think so I am sure the worm will get even bigger.   I don’t think it has been curbed we might have a rest period before the Worms tries again.

“Why is it taking so long?” asked Huger. “That’s what we’re all asking.” He couldn’t recall an attack of this size with such a long lag time between the initial attacks and follow-on downloads of more malware to the hijacked systems.

[Via PcWorld]

Now We know this exploit is being patched as quickly as possible in some areas of the industry but that leaves the question?  What isn’t being patched, I am guess the next stage of this worm is mutant into a new worm much like the way it tries to communicate to download new software or instruction.   I believe it will be using a newer exploit so that it can infect even more computers.   I also think it will be a botnet and so does others.

But he also pointed out that the clock is ticking. “If they don’t hurry up and do it, someone else will,” he said, explaining that hackers must fend off not only security researchers, but also other criminals, who would like nothing better than to pinch a ready-to-use botnet.

[Via PcWorld]

So they are going to use this Downadup Worm soon, I am counting on it.   Somethings for IT professionals to prevent more infections are to make sure you have patched the latest security holes before they exploit that.   Like my favorite program, the Clone of Autopatcher, which you can create a month by month patch DVD to install on all important systems.   IT professionals must not start getting relax, because of people saying it is on the downfall. In nature there are always going to be periods of rest before growth. So I am sure something will happen rather quickly, and probably in the next week or two.

Looks Like Monster.com and UsaJobs.gov was Hacked : Change your PW!!

Paul

[ad#ad2-right]

As is the case with many companies that maintain large databases of information, Monster is the target of illegal attempts to access and extract information from its database. We recently learned our database was illegally accessed and certain contact and account data were taken, including Monster user IDs and passwords, email addresses, names, phone numbers, and some basic demographic data. The information accessed does not include resumes. Monster does not generally collect – and the accessed information does not include – sensitive data such as social security numbers or personal financial data.

As a further precaution, we want to remind you that an email address could be used to target “phishing” emails. Monster will never send an unsolicited email asking you to confirm your username and password, nor will Monster ask you to download any software, “tool” or “access agreement” in order to use your Monster account.
[Via Monster.com]

UsaJobs.Gov is a partner with Monster.com so You should think about changing your Password.    They Also think this will be used for Phishing, if you have any doubts to the authenticity of email.  I’d suggest doing a google search on the company or name of the person who emailed you that way you can be well informaed before you do decide how you will handle it.   Also Remember most times if they ask you download software, it is probably Malware and should be scanned by your Anti-virus software.