RE: Unknown virus on AIM

["Blanchard, Michael (InfoSec)" <Blanchard_Michael () emc com>]

Opanki has that exact same IM message and similar link.... Might be a new variant of Opanki worm.

 Mike B 


Michael P. Blanchard 
Antivirus / Security Engineer, CISSP, GCIH, MCSE, MCP+I 
Office of Information Security & Risk Management 
EMC ² Corporation 
4400 Computer Dr. 
Westboro, MA 01580 
email:  Blanchard_Michael () EMC COM 

-----Original Message-----
From: funsec-bounces () linuxbox org [mailto:funsec-bounces () linuxbox org] On Behalf Of Todd Towles
Sent: Wednesday, January 18, 2006 9:19 AM
To: funsec () linuxbox org
Subject: [funsec] Unknown virus on AIM

Hey guys,

This virus must not be new, but I have looked at two anti-virus sites
(sophos and norton) and can't seem to pin it down. A young lady sent me
a message last night ("should I add these pics of us on my myspace or
facebook?) then it had a link

The URL was a photobucket link, but it really linked to some
prettyinpink webiste...I closed the message so I don't have the exact
sentence. I attempted to download the file but it was no longer up and
working, so no sample to look at.

Looks like it might be a variant of W32/Attech-D. The are using the new
young culture trends in their targeted SE attacks....kinda new.

Photobucket is very common in the youth profile world, so it almost
treated me as well....but of course, her and I have never been in a
picture together so..exactly.

-Todd



_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.