hosted by liquidweb


Go Back   Web Hosting Talk : Web Hosting Main Forums : Hosting Security and Technology : malicious attempt ?
Reply

Forum Jump

malicious attempt ?

Reply Post New Thread In Hosting Security and Technology Subscription
 
Send news tip View All Posts Thread Tools Search this Thread Display Modes
  #1  
Old 11-26-2001, 04:33 PM
vegs vegs is offline
Disabled
 
Join Date: Nov 2001
Posts: 97

malicious attempt ?


Someone intend to send me a virus but it seems that exim did something to it.

This message has been rejected because it has
a potentially executable attachment "New_Napster_Site.MP3.pif"
This form of attachment has been used by
recent viruses or other malware.
If you meant to send this file then please
package it up as a zip file and resend it.

------ This is a copy of the message, including all the headers. ------

Return-path: <sales@xx***********>
Received: from host213-1-129-242.btinternet.com ([213.1.129.242] helo=aol.com)
by xxxx.xxx.xxx with smtp (Exim 3.33 #1)
id 168Rzc-0001XS-00
for sales@x***********; Mon, 26 Nov 2001 15:04:41 -0500
From: "Support" <support@cyberramp.net>
To: sales@***********
Subject: Re:
MIME-Version: 1.0
Content-Type: multipart/related;
type="multipart/alternative";
boundary="====_ABC1234567890DEF_===="
X-Priority: 3
X-MSMail-Priority: Normal
X-Unsent: 1
Message-Id: <E168Rzc-0001XS-00@xxxx.xxx.xxx>
Date: Mon, 26 Nov 2001 15:04:41 -0500

--====_ABC1234567890DEF_====
Content-Type: multipart/alternative;
boundary="====_ABC0987654321DEF_===="

--====_ABC0987654321DEF_====
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable


<HTML><HEAD></HEAD><BODY bgColor=3D#ffffff>
<iframe src=3Dcid:EA4DMGBP9p height=3D0 width=3D0> </iframe></BODY></HTML>
--====_ABC0987654321DEF_====--

--====_ABC1234567890DEF_====
Content-Type: audio/x-wav;
name="New_Napster_Site.MP3.pif"
Content-Transfer-Encoding: base64
Content-ID: <EA4DMGBP9p>

TVqQAAMAAAAEAAAA//8AALgAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAA8AAAAA4fug4AtAnNIbgBTM0hVGhpcyBwcm9ncmFtIGNhbm5vdCBiZSBydW4gaW4gRE9TIG1v
ZGUuDQ0KJAAAAAAAAAAoxs1SbKejAWynowFsp6MBF7uvAWinowHvu60BbqejAYS4qQF2p6MBhLin
AW6nowEOuLABZaejAWynogHyp6MBhLioAWCnowHUoaUBbaejAVJpY2hsp6MBAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAUEUAAEwBAwCoIP47AAAAAAAAAADgAA8BCwEGAABwAAAAEAAAANAAAEBHAQAA
4AAAAFABAAAAQAAAEAAAAAIAAAQAAAAAAAAABAAAAAAAAAAAYAEAAAQAAAAAAAACAAAAAAAQAAAQ
AAAAABAAABAAAAAAAAAQAAAAAAAAAAAAAABkUAEAMAEAAABQAQBkAAAAAAAAAAAAAAAAAAAAAAAA

is there any potential danger to my server ? I almost had it with cc fraud and now this.



Sponsored Links
  #2  
Old 11-26-2001, 04:54 PM
netsolutions netsolutions is offline
Web Hosting Master
 
Join Date: Oct 2001
Location: Sudbury, ON
Posts: 1,161
This is the same virus everybody on WHT has been getting.

  #3  
Old 11-26-2001, 04:59 PM
vegs vegs is offline
Disabled
 
Join Date: Nov 2001
Posts: 97
does this mean that my server has been infected by this virus ?

Sponsored Links
  #4  
Old 11-26-2001, 05:02 PM
RackMy.com RackMy.com is offline
Web Hosting Master
 
Join Date: Apr 2001
Location: St. Louis, MO
Posts: 2,508
Not unless you opened up the virus on your server.

__________________
Mike @ Xiolink.com
http://www.xiolink.com 1-877-4-XIOLINK
Advanced Managed Microsoft Hosting
"Your data... always within reach"

  #5  
Old 11-26-2001, 05:05 PM
netsolutions netsolutions is offline
Web Hosting Master
 
Join Date: Oct 2001
Location: Sudbury, ON
Posts: 1,161
The virus is not a serious problem. All it does so far is send the email to everybody in your address book.

  #6  
Old 11-27-2001, 12:28 AM
Dylan Dylan is offline
Web Hosting Master
 
Join Date: Oct 2000
Posts: 1,113
Viruses are starting to make me sick...

YET AGAIN, today I received another virus.

It tried to save itself to my pc and at the same time pretended that it wanted to make use of some image in my temporary internet files directory.

Which makes me worried, so I better be on my way and do a scan...

  #7  
Old 11-27-2001, 12:03 PM
magnafix magnafix is offline
Web Hosting Master
 
Join Date: Apr 2001
Location: Montana USA
Posts: 673
here's the virus info:

http://securityresponse.symantec.com...rans.b@mm.html


We had one poor customer send it to us 5 times in under a minute.

__________________
John Masterson
Former Hosting Company Owner

Reply

Related posts from TheWhir.com
Title Type Date Posted
‘Black Hole’ Effect Leads to Fewer Attacks on FireHost Web Hosting News 2014-01-28 14:22:04
Hard-to-Find Malicious DLL Found in Some Microsoft IIS Web Servers Web Hosting News 2013-12-10 12:52:53
Prolexic Warns of Growing Identity Theft Camouflaged by DDoS Attacks Web Hosting News 2013-08-28 12:20:19
Microsoft Reaches Settlement with Nitol Botnet Host 3322.org Web Hosting News 2012-10-05 13:13:16
Security Provider Websense Discovers Fake Symantec Emails Distributing Malware Web Hosting News 2012-08-29 14:44:19


Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Postbit Selector

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Forum Jump
Login:
Log in with your username and password
Username:
Password:



Forgot Password?
Advertisement:
Web Hosting News:



 

X

Welcome to WebHostingTalk.com

Create your username to jump into the discussion!

WebHostingTalk.com is the largest, most influentual web hosting community on the Internet. Join us by filling in the form below.


(4 digit year)

Already a member?