New Worm Poses As Security Patch

[Ray]

Very interesting! Although UNIX (several favors) have been hacked in the past, on several
occasions, it's true that it's way much harder to do anything damageable in UNIX than it is under
Windows.

I remember a certain virus that could extract root's password from any account... But since then,
the bug has been fixed.

[Ray]

The plan is still on the table. I'm expecting a bonus in March, a bonus that should cover half the
price of a G5. Unless Santa is really, really generous this year (been a good boy all year long!)

Ray

[Grant Dixon]

Mac users do not feel cocky. There is a reason that many companies
producing anti virus software for Macs

While the majority of virus worms and the like are spread by PC it is
because there are more PC out there to spread them. Just as the market is
larger for software writers in the PC world it is also a larger market for
Hackers.

Macs have had their share of viruses to name a few there is Mac.Simpson,
and CODE-252. Also that wonderful OS X is susceptible to the Sobig Worm.
It should be noted that while Macs are not affected by viruses like the
W32.Klez the are as capable in spreading as PC are. The first and only
virus to be spread by a commercial CD was by a Mac software developer and
they sold 30,000 copies of their software before the bugger was stopped.

So while Mac users are not as likely to be infected as PC the users caution
should be taken. No matter what machine you are using it is wise to
practice safe HEX.

Grant

[Barbara Brundage]

Also that wonderful OS X is susceptible to the Sobig Worm.




I'd like to see your documentation on that, Grant.

It is true, though, that macs can transmit pc viruses, although they themselve are not affected by them, especially word macro viruses.

[Joe Henry1000]

Grant,

I certainly don't want to turn this into a Mac vs PC thread :-) (other than to point out that Mac's are pretty impervious to viruses and/or worms), but I just have to point a few things out.

Mac users do not feel cocky. There is a reason that many companies producing
anti virus software for Macs





I wouldn't know, I don't own virus software. Never had the need. ;-)

While the majority of virus worms and the like are spread by PC it is
because there are more PC out there to spread them. Just as the market
is
larger for software writers in the PC world it is also a larger market
for
Hackers.





Read the link Barb provided. You're talking about the Security through Obscurity myth.

>Macs have had their share of viruses

There are less than 100 know Mac viruses but for Windows there are over 70,000.

Also that wonderful OS X is susceptible to the Sobig Worm.




I have to doubt you on that one Grant. I haven't heard of any Macs succumbing to Sobig. I don't think it's even possible.

the are as capable in spreading as PC are.




You're right Grant, I'll give you this one. Except that it's not our (Mac users) fault that the dang virus exists in the first place. ;-)

The first and only virus to be spread by a commercial CD was by a Mac
software developer and they sold 30,000 copies of their software before
the bugger was stopped.




I'll have to take your word on that.

Joe :-)

[Grant Dixon]

Barbara

I did speak a little to hastily. While Mac are affected by the Sobig Worm
they are not infected by it.

[url]http://www.sophos.com/virusinfo/articles/sobigmac.html[/url]

My original source was a tad weak. In any event you will be able to fine
other virus that affect and infect Linux based systems although not as many
as PC virus. I am totally amazed that virus writing is not as popular with
Linux as it is an open based system and the code is all there for the
asking.

Once again sorry for the confusion.

Grant

[Barbara Brundage]

Hi, Grant. No problem. BTW, I'd never heard of Code-252, so I looked it up. Here's what I found:

For the first half of the year the virus spreads, infecting applications
and System files. During the second half of the year the following message
is displayed if an infected application is launched or an infected system
is started up.






"You have a virus. Ha Ha Ha Ha Ha Ha Ha Ha
Now erasing all disks...
Ha Ha Ha Ha Ha Ha Ha Ha
P.S. Have a nice day
Ha Ha Ha Ha Ha Ha Ha Ha
(Click to continue)"









No files or directories are deleted but a user may be tempted to restart
their Macintosh, which could cause damage. This virus cannot infect applications
from infected versions of operating system 7.0 and later and does not
work under Multifinder in System 6. An infected Macintosh is likely to
crash.




Note that this virus dated from 1992. I remember another one from about that time that Chuck and Barb might like--it made your computer play "Yellow Rose of Texas" whenever you opened a file. As far as I know, the only virus for the "classic" mac os that did much damage was the sevendust virus, which I think may be the one you are referring to re the infected cds, but again, that was back in 1997 or so, if I remember rightly.

[Joe Henry1000]

Barbra,

Don't forget all those Office macro's (not really viruses per se) that were all the rage mid to late 90's. We can thank Microsoft for those too.

As far as I know, the only virus for the "classic" mac os that did much
damage was the sevendust virus, which I think may be the one you are referring
to re the infected cds, but again, that was back in 1997 or so, if I remember
rightly.




I don't remember that one. Do you recall what it did?

Joe

[Barbara Brundage]

Hi, Joe. Here's Symantec's page on it. There are a lot of variants, some benign, some create INITs and Extensions:

<http://securityresponse.symantec.com/avcenter/venc/data/mac-sevendust.html>

[Barbara Brundage]

Oh, it mostly came as an attachment describing itself as a "graphics accelerator."

[Grant Dixon]

Barbara if you would like some dry reading

[url]http://www.faqs.org/faqs/computer-virus/macintosh-faq/[/url]

Grant

[Joe Henry1000]

Cool! Or not, depending on if you got infected. ;-)

Thanks for the link Barb. BTW, did you get my e-mail from a couple days ago?

Joe

[Barbara Brundage]

Hi, Joe. Yes, I did, thanks.

Thanks, Grant. That was a trip down memory lane-I haven't heard most of those mentioned in years.

Are word macros still a big virus thing? (Don't have it, so I don't keep up on that.)

[Vicky Bilaniuk]

Barbara, same thing happened to me last time. With the last worm
(Blaster, I think it was called) everyone complained about it, but I
never saw a single message. This time, I have been *hit*. Man oh man.
At least 100 messages per day, which is extraordinary for me. I've
never been on the receiving end of a worm in all my years of being on
the net (heh heh, I make myself sound old, which I'm not, but I have
been on the net for a while).

I'm glad I'm using a Mac. (that is, until someone decides to write a
virus for them, but then I think that would be a *lot* harder than it
would be for Windows machines)

[Leen Koper]

Oh, how I hate this self complacency of these Mac people... ;-)
I'll never own a Mac; reminds me too much of a Big Mac.

Leen

[JodiFrye]

Ya know, this stupid worm is still trying ! When will it end ? I can't recall ever going through this before. When Norton picks something up it's usually just once and then I don't get anymore t'il the next one comes. I can't recall Norton picking anything up for a couple of months and now...EVERY time I check my mail it's the same blasted worm !!! Always 2 of them. One disguised as a patch for microsoft and the other is a mail delivery notice of some kind....always different wording for each every time. I hate this.

[Schraven Robert]

Jodi,

Same here.
Always two messages. Those two however clogg up my intray since last thursday night. My provider suggested I should activate their spammer(?) which I did last night. Since then it caught (the) two messages but my intray still had 1 Mb of the same. My provider says that only a few people are hit by this virus.

Robert

[Byron Gale]

My understanding of this worm is that you will receive it only if someone
who has your email in their address book succumbs to the virus.

Consequently, if you are receiving a lot of the worm messages, it means that
your email address is in the possession of a lot of persons who don't
practice good anti-virus techniques. How did these virus "slackers" get
your email addresses? ;)

At the risk of jinxing things, I must state that I have not received a
single copy of the worm, on any of my 8 email addresses.... a testament to
the diligence of those people with my email in their address books.

Byron

[Schraven Robert]

Byron,

At the moment all I want to know is when it will be over.
Since it seems to continue day and night I just wonder who/what is so active day and night.

Robert

[JodiFrye]

Ok, got 10 this morning !!!! GRRRRRR ...worse part is that I have dial up so i sit twiddling my fingers waiting to quaranteen each one that finally loads. I've had it !!!!