Jump to content


Photo
- - - - -

Bogus B* helpdesk email


  • This topic is locked This topic is locked
3 replies to this topic

#1 AibelNET

AibelNET

    CS v Women CS always win..

  • Elites
  • 215 posts

Posted 03 March 2004 - 10:44 AM

WARNING BOGUS EMAIL FROM YOUR ISP HELPDESK

If you receive an email today from BT, NTL and all other ISP helpdesks with an attachment and it asks you to enter a password... when you open this attachment and put in the password it opens up you PC and acts like a server...

What ever you do under no circumstance open this attachment or email it's a bogus email containing a virus and a BackDoor Trojan... :woot:

Edited by Anubis, 05 March 2004 - 01:14 AM.


#2 AquaS

AquaS

    AquaS

  • Member
  • 437 posts

Posted 03 March 2004 - 05:46 PM

Anubis Thanks for letting me know :o.

#3 Red Killer Sira

Red Killer Sira

    Sira

  • Member
  • 864 posts

Posted 03 March 2004 - 10:00 PM

What is B* HELPDEK?

Edited by Red Killer Sira, 03 March 2004 - 10:22 PM.


#4 AibelNET

AibelNET

    CS v Women CS always win..

  • Elites
  • 215 posts

Posted 05 March 2004 - 12:53 AM

Here is the virus responsible for sending out bogus email from you ISP's technical support and admin...

What is W32.Beagle.J@mm and how does it affect me?

W32.Beagle.J@mm is a mass-mailing worm that opens a backdoor on TCP port 2745 and uses its own SMTP engine to spread through email. In doing so, it sends the attacker the port on which the backdoor listens, as well as the IP address. It also attempts to spread through file-sharing networks, such as Kazaa and iMesh, by dropping itself into the folders that contain "shar" in their names.

An email potentially containing the worm has the following characteristics:
From: Spoofed to appear as though it is coming from the one of the following addresses at the recipient's domain:

management
administration
staff
noreply
support

Attachment: A randomly named .exe file, inside a .zip file, or an .pif file.
The zip file will be password-protected.

This worm is currently undergoing analysis. The record at Security Response will be updated as information becomes available.

To read more about the W32.Beagle.J@mm, please click here.

What action can I take from here?

Go to Symantec Security Response for posted virus
definitions!
All users of Norton AntiVirus
who do not have up-to-date virus protection should
immediately run LiveUpdate for protection from
W32.Beagle.J@mm.

Virus definitions are available via the LiveUpdate feature in the Norton AntiVirus product or the Symantec Security Response Web site.

Symantec Security Response encourages all Norton AntiVirus users to regularly download virus definitions in order to protect against future threats. For more information on how to run LiveUpdate, please click here.

Run LiveUpdate
Virus definitions are available via the LiveUpdate
feature in the Norton AntiVirus product or the
Symantec Security Response Web site.

Upgrade Norton AntiVirus™
If you have an older version of Norton AntiVirus
and would like to upgrade to Norton AntiVirus 2004,
please go here:

http://nct.symantecs...ade_center.html

Norton AntiVirus™ 2004
To purchase Norton AntiVirus ™ 2004, please go here:

http://www.symantecstore.com/51410/nav

Want to comment?

Register or Sign In to go completely ad-free!