Evaman Worm Attacks Email Servers
An anonymous reader writes "CoolTechZone is reporting that the mail servers of various popular email services such as Hotmail and Yahoo are bogged down with a new worm, code-named Evaman.
The headings are common to the ones users encounter every day in their inbox - "Failed Transaction" or "Delivery Failure". This worm has the potential to take control over Windows 95, 98, ME, 2000, XP, NT, and Windows Server 2003."
Aargh matey! Capture the first post!
Ocean is land, covered with water.
Fritz has potsed
As I laugh, since I finally got my workstation at work moved from XP to SuSe 9.1, more so the reason to switch as soon as you can. Then again, I still have to babysit over a dozen people here who use Windows and will likely be dumb enough to open the attachments.
;)
Fortunately, I read slashdot, and have a "properly configured firewall", since we all know that cures all problems
Tequila: It's not just for breakfast anymore!
This is not a Microsoft exploit, just a trojan that targets MS products. What is the world coming to when I can't get my machine rooted without the work of logging into a free email service to check my pr0n mail?
An Education is the Font of All Liberty
If you want the Symantec release re-written by someone who knows what they're talking about, look here.
"Evaman occupies a false email address" doesn't fill me with respect for CoolTechZone's credentials.
The Slashdot Paradox: "100% Overrated"
Rather than reading a journalist's munged interpretation of what Symantec said, you can look at Symantec's original statement.
Also been seeing lots of those "MS Security Update" mails too. Anyone know if the two are related?
Again...can't we just start posting a weekly news post on /. to the effect of "Somewhere, someone created another virus for Windows?" Wouldn't that be equally effective, and still truthful?
I just can't wait to read the posts from the Windows defenders who claim to have never gotten a virus, and never suffered a problem with Windows. Right...sure. I'll believe that when DNF comes out.
Jason Lotito
The article says, "The security firm, Symantec, has given this worm a critical warning and states that this worm could be as as dangerous as the MyDoom virus." Funny, Symantec's description isn't nearly so dire: "Threat containment: Easy; Removal: Moderate."
Stupid job ads, weird spam, occasional insight at
Some good additional available here
Microsoft will do anything to get in the news :oP
We should be OK. The virus requires people to open the attachment on the mail in order for it to work. So unless people are stupid enough to open attachments after we've been telling them for years and years and after countless virus plagues not to we should all be fine... .......
Oh God!! We're all DOOOOOMED!!!!!
May the Maths Be with you!
i'm using Windows 3.1, you insensitive clod.
"There is nothing more frightful than ignorance in action." Johann Wolfgang von Goethe
Too bad I run linux, I would really like some of those!
I guess it was never meant to be...
Dependency hell? =>
is that the mail (at least the variant that I received) has a fake little message about the attachment being scanned for viruses. Are people that gullible and/or stupid? I would hope people would be smart enough to realize that it's really easy to type a message saying that something has been scanned for viruses.
Ugh, it's not even like you have to be computer savvy to figure these things out. Do people open their houses to random drifters who say they work for the city and need to do some work without at least checking for ID?
Actually, yeah, they do, oy.,,what a world...
This would be the Windows catastrophe of the week huh?
Can someone please, please, please write a decent Unix worm so we can get some interesting headlines?
And don't tell me it's just because MS is a bigger target. Linux runs between 35%-40% of the world's servers (and more than that if you're only counting the DMZd webservers). It's the code, stupid.
I would rather be ashes than dust!
Have you ever seen an old photo of yourself and been embarrassed at the way you looked? Did we actually dress like that? We did. And we had no idea how silly we looked. It's the nature of fashion to be invisible, in the same way the movement of the earth is invisible to all of us riding on it.
What scares me is that there are moral fashions too. They're just as arbitrary, and just as invisible to most people. But they're much more dangerous. Fashion is mistaken for good design; moral fashion is mistaken for good. Dressing oddly gets you laughed at. Violating moral fashions can get you fired, ostracized, imprisoned, or even killed.
If you could travel back in a time machine, one thing would be true no matter where you went: you'd have to watch what you said. Opinions we consider harmless could have gotten you in big trouble. I've already said at least one thing that would have gotten me in big trouble in most of Europe in the seventeenth century, and did get Galileo in big trouble when he said it-- that the earth moves. [1]
Nerds are always getting in trouble. They say improper things for the same reason they dress unfashionably and have good ideas: convention has less hold over them.
It seems to be a constant throughout history: In every period, people believed things that were just ridiculous, and believed them so strongly that you would have gotten in terrible trouble for saying otherwise.
Is our time any different? To anyone who has read any amount of history, the answer is almost certainly no. It would be a remarkable coincidence if ours were the first era to get everything just right.
It's tantalizing to think we believe things that people in the future will find ridiculous. What would someone coming back to visit us in a time machine have to be careful not to say? That's what I want to study here. But I want to do more than just shock everyone with the heresy du jour. I want to find general recipes for discovering what you can't say, in any era.
The Conformist Test
Let's start with a test: Do you have any opinions that you would be reluctant to express in front of a group of your peers?
If the answer is no, you might want to stop and think about that. If everything you believe is something you're supposed to believe, could that possibly be a coincidence? Odds are it isn't. Odds are you just think whatever you're told.
The other alternative would be that you independently considered every question and came up with the exact same answers that are now considered acceptable. That seems unlikely, because you'd also have to make the same mistakes. Mapmakers deliberately put slight mistakes in their maps so they can tell when someone copies them. If another map has the same mistake, that's very convincing evidence.
Like every other era in history, our moral map almost certainly contains a few mistakes. And anyone who makes the same mistakes probably didn't do it by accident. It would be like someone claiming they had independently decided in 1972 that bell-bottom jeans were a good idea.
If you believe everything you're supposed to now, how can you be sure you wouldn't also have believed everything you were supposed to if you had grown up among the plantation owners of the pre-Civil War South, or in Germany in the 1930s-- or among the Mongols in 1200, for that matter? Odds are you would have.
Back in the era of terms like "well-adjusted," the idea seemed to be that there was something wrong with you if you thought things you didn't dare say out loud. This seems backward. Almost certainly, there is something wrong with you if you don't think things you don't dare say out loud.
Trouble
What can't we say? One way to find these ideas is simply to look at things people do say, and get in trouble for. [2]
Of course, we're not just looking for things we can't say. We're looking for things we can't say that are true, or at least have enough chance of being true that the question should remain open. But ma
or at least it seems to take around a nanosecond longer to load. Maybe it's other network traffic or sth.
weird, my gmail account is untouched... it must suck to not have one...
so i found this code to create a gmail invite link (don't know if it works)...
look at this
Can anyone tell me why it uses an smtp server?
:p
I mean - modern vira all include a built in smtp server. Makes them much better distributed...
I hate sloppy virus writers!
Okay, fine, users are dumb. How about we give them a slight break in this case? Failed deliveries are far enough out of most people's 'normal' e-mail experience that i can understand why they'd read the message. No it doesn't excuse opening anything with .scr, but txt.scr, html.scr, outlook.scrtxt.exe might dupe your avg users.
Anyways, here's a better article linked by McAfee and The Article That Started It All from the Sydney Morning Herald. Perusing the summaries off of Google News makes it seem like this will either be "unlikely to have a major impact on Australian businesses." or (now this is really crazy because it's from the same website, but a different article) "clog mail servers, cause severe slowdown and wreak financial damage as it spreads rapidly around the world when businesses return to work today"
I love that everyone can quote the Sydney Morning Herald to report that the sky is falling, or that things will mostly be okay. How do two journalists end up with such completely different viewpoints? They both quote Tim Hartman
and/or /Rant[Fuck Beta]
o0t!
No! you're not serious!! surely it can't attack Windows 2003, Bill PROMISED me it was more secure.
:-)
how COULD he do such a thing.
That's it, I want a divorce.
I quit using my yahoo email b/c of spam, but I took a look to see if I had said worm. Unfortunately all I have is the usual:
.
PAIN MEDS.. FILL and SHIP Directly to Your DOORSTEP *
Special Offer Claim 250 Full-Color
Business Cards FREE!
©ÉT ±d©ÊÍ ^_^
The Career News
Finding a job on the internet . .
My Home Finance Direct Homeowners $ave Money Now
Pet Care Make Your Pets Happy
Visit Our City Win a Dream Summer Vacation
Of course running Linux/Mac at home I needn't worry (as much) about viruses.
PCBCW$E
free ipod and free gmail!
I see the real long term solution to the problem of unwanted software execution being a form of public-key cryptography at the hardware level -- effectively, for every processor to have its own unique instruction set, so that only code compiled for that particular processor can be run on it. (Maybe there would need to be a compatibility-mode switch, to install a kernel and a compiler just to get you going; but please let it be something like a jumper on the motherboard which you have to put on -- certainly there should be no way that software could subvert this security feature.) Also, the installation of new software should require a conscious action on the part of the user, and involve a hardware operation -- such as operating a normally-concealed switch. If you bought a new computer, you would have to recompile all your software from source, but that's a small price to pay. Alternatively, you could allow the user to flash the thing with a new key pair; so you could just give your new computer the same instruction set as the old one. Or a corporation with many desktops to administer need only give all their machines the same keys, and then compile application software once to run on any of them.
The average user won't really notice much. They will simply see an extra step taking place after downloading and before installing, as an automatic configure and make are performed. And they will have to validate the install, but I can't see how anybody would think that unusual: if it can affect the way your computer works, you damn well should have to tell it you're sure you want to go ahead.
Since every piece of downloaded software would have to include the source code, it would be much simpler to chase up infections if they occurred. And if every software installation required users to validate it, drive-by downloads -- arguably a form of virus infection -- would become a thing of the past.
It would still be possible to sell closed-source software; but you would either have to insist that users programmed their machine to a key pair you specified {which is great for locking out your competitors, but rather defeats the entire point of personalised instruction sets} or supply you with the public key of their machine so you can compile software for it {a little more secure for the user, but very expensive to implement}.
BTW, why is anti-virus software closed-source? What don't the likes of Symantec want us to know?
Je fume. Tu fumes. Nous fûmes!
Rendered useless at just the age of 9. Windows98 won't even make it that long. I wonder when they'll stop support for WindowsXP and some bug will come out that renders it pointless to use. ... or is it already pointless ..
*DrugCheese rants*
It's a touch sad though, because people start quoting news sources like the inquirer who're in turn quoting another article as their source of info.
I guess this And the sky shall turn red, the sea will turn to jam and so on should have raised a red flag or two, but honestly, news articles are so dubious that I've become jaded. I don't bother to do much more than scan for content because I know I'll read another article saying/spinning things in a completely different fashion.
[Fuck Beta]
o0t!
I wonder whether this site exists only to generate ad revenues from people who trip over it.
Interesting. The story was submitted by an "anonymous reader".
What would an EWOULDBLOCK block, if an EWOULDBLOCK could block would? -- me
Yahoo and Hotmail are being protected by these puppies from Ironport. They use Brightmail to filter to the Bulk folder and Sophos for AV. Hopefully they turned on both features.
"Beware of he who would deny you access to information, for in his heart, he dreams himself your master."
The word "worm" is spelled wrong ("worn") in the story description.
the article linked contained absolutely no real information....
Get up!
Whoa, a new invented plural to attack!
Jesus Christ! Why do people bother submitting these kinds of stories?
Can somebody name a time there HASN'T been one of these kinds of viruses in the wild? That would be NEWS, not this shit.
No, you can't? What a surprise... This happens 24 hours a day, 365 days a year.
Not only does it happen constantly, there's thousands and thousands of these viruses about. Heck, I could write 50 different ones right now, when each one gets reported to Symantec, will you post a story about it?
Get some real news and stop wasting our time. There's nothing that annoys me more than news which isn't news at all (well, that's a form of ignorance.. which is what actually annoys me the most).
The security advisory then lists a dozen or so popular multi-stage relays, from some major ISPs. This explains why my system was being hit by Verizon servers over a thousand times this weekend, targeting a non-existent address.
And here I thought it was just their normal "ignore the 550 response code, just retry endlessly" configuration! Turns out, it was just their "Relay anything for anyone" configuration!
Never ceases to amaze me how people will continually open attachments. We warn them at work verbally, we send out memos, we post cheesy posters, we alter default mail client behaviour to make it harder. STILL some users insist on opening executable attachments. I will never understand what compels them to do so. I understand the first time, you don't know, and it is a nasty surprise, no problem. However after the third time a computer support person has chewed you out, you've AGAIN gotten the memo, etc, people still insist on doing it.
The really scary thing is we have a virus scanner running on our mail server to filter this. However it is only updated once a day max, and the company (Sophos, not what we want but it's a government contract) isn't always on the stick with the updates. So people will do this within the first 48 hours of a new worm coming out. I hate to think what it would be like without filtering.
Standard issue cars are more equal than OS's, currently.
This is a case more like the dude pulled over on the highway by a cop for weaving. Turned out he wasn't drunk, even buzzed, just that he had no steering wheel, instead he was using vice-grips clamped directly onto the steering column.
As far as M$ and use of its software on the Internet go, there have been several small children shouting that the emperor has no clothes. And now that I mention it, why, yes. It does appear that the emperor has no clothes.
Don't let your ideology bite you on the head, drop M$ and move on.
your quote
"Windows isn't a blackhole for viruses as some people like to overemphasize it as. Windows is a blackhole for people who do silly things like run ridiculous software or click on attachments when they shouldn't."
So my response would be, except for the untold millions of people who ARE running a windows blackhole machine that sucks in every virus, worm, trojan, malware and spyware out there. Which is most of them. They are by far the largest users demographically on the internet, and it goes across national boundaries, and inside practically all businesses out there. It's a HUGE problem, it destroys the global economy to the tune of billions a year, it causes no one really knows how many wasted man hours of effort to try and keep it cleaned up. It is not a minimal problem because a relatively few people comparatively speaking are able to keep their machines organized better.
I think it's just time to admit reality. Windows as designed is just not a good choice for use on the internet. It is acceptable for use on closed intranets and as a standalone work machine or game machine that is not connected to the net.
Despite the availability of updates, patches, service packs, third party programs, thousands of news articles, advisories, etc, to attempt to divert or stop all the various insecure functions related to MS products in general, going to all the windows users out there through generation after generation of windows products, it is still broken for the purpose of being on the internet. You CANNOT just dismiss verifiable anecdotal data, nor can you dismiss the fact that human beings run this stuff, which means this stuff gets run with normal human levels of ability and interest.
Running pure windows now has negated the entire concept of "easy to use, fun, profitable, useful for this purpose" that they push and definitely imply (although their legal disclaimer claims otherwise, I call that a pure outright lie) their software as, because any joe random user now has to become a part time security guru, when that just shouldn't be necessary, not in 2004 it shouldn't.
Same as linux was not a suitable OS for joe everybody when it required being a Unix command line guru just in order to run it. It was useful for a very small number of people in specific applications back when. That's true, too, it wasn't for joe everybody. Windows is pushed good for joe everybody, true, it's fine..just not on the internet. Time to just face facts and move on with it, it doesn't pay to cling to what in essence, and not meant to flame just to state a fact, the fantasy that MS is a practical choice if your computing requires being on the internet, personal or business, not if all you want to do is be on the internet and not be a semi professional security expert. It's just broken for that purpose, generally speaking. Pointing out individual examples of where it isn't does nothing to take away the reality that in millions and millions of cases it is in fact, a blackhole, except with a definition twist, it sucks them in like a blackhole analogy, then multiplies them exponentially, then spits them back out again.
For every incredibly secure windows installation out there, there are huge numbers of totally broken and insecure examples, that's the real bottom line, and this despite years and years of efforts to make that "not so". I would guess it is at least 100 to 1, insecure to secure, or some such huge lopsided number like that. Might even be 1000 to 1, no one really knows. It's huge though. And every new version of the OS and browser and email thingee and SP was supposed to "fix that" and it never has really. It's because of how human beings use computers, and most human beings are not, and will not become, full time or significant part time, security gurus. If this reality is not admitted to, the problem will always exist, and just get worse, not better.
The likelihood of non-junk mail falling into this category these days is virtually zilch by comparison with the typical offerings from the various spam-hausen.
Some of u r so pathetic. Many articles have the original link, dunno why not this time.
who cares if the articles r written by the same person and the domain is owned by the same person.........that doesn't say anything except that the guy is probably working hard on his little site [seems as though u never heard of it].
btw, at one point symantec did have the warning level to critical. maybe u should check ur sources. once the journalist posts a news, they don't keep on editing it because the original source changed their results.
i personally could care less about ad revenue. don't be so jealous.
Everyone has an angle.
Including Earthlink. Their check said I was riddled with Alexa toolbar + A load of tracking cookies.
Problem was, Both Ad-Aware & Spybot S&D (latest definitions) said otherwise: Clean as a whistle.
I bet if I download the Earthlink Toolbar (same page as the free spyware check) these problems would go away?
T&K.
Political language
this doesn't mean windows is any less secure or vulnerable than its evil insecure unix counterparts ;P
0 25 3
http://slashdot.org/article.pl?sid=04/07/05/153
and just because those systems don't get as many virii as windows doesn't mean they're secure, just shows they're incompatible with the latest virus technology!
*yawn* not again. Caught more than two years before the fact. By Outlook itself (yes, as in Outlook 98, Outlook 2000, 2002, 2003, Outlook Express 6 SP1). No?
Hands up all you sysadmins who aren't keeping your users' mail programs up to date. OK, Users: Avoid these people like the plague and hire yourselves some real consultants.
Use Evolution instead of Outlook? Bewa
man, people on slashdot suck.. the truth hurts eh?
This explains that jx54p24@yahoo.it spam I've been getting, with no subject, no body, just "To:undisclosed recipients"
maybe
I remember a couple of years ago in after hours chat with a guy who ran IT for a major company. He got in for work an hour before everyone else as one of his jobs was to 'wake up' the network. Checking the tech bulletins he found that a major virus/worm was circulating (it has been a while, forget which one) and proceeded to set up a login message effectively saying "DO NOT OPEN 'X' ATTACHMENT, IT IS A VIRUS".
20 minutes after the bulk of employees arrived, a full 2/3rds of the network was infected.
Oh... BTW, I've never been infected. My Win* box sits behind an OpenBSD firewall. And I only open attachments that I am previously expecting. Otherwise... "Hello? Did you send me an attached file? What is it?". I don't care if it is long distance, I will know what it is before I open it.