Slashdot Mirror
Evaman Worm Attacks Email Servers
An anonymous reader writes "CoolTechZone is reporting that the mail servers of various popular email services such as Hotmail and Yahoo to be bogged down with a new worm, code-named Evaman.
The headings are common to the ones users encounter everyday in their inbox - "Failed Transaction" or "Delivery Failure". This worm has the potential to take control over Windows 95, 98, ME, 2000, XP, NT, and Windows Server 2003."
This is not a Microsoft exploit, just a trojan that targets MS products. What is the world coming to when I can't get my machine rooted without the work of logging into a free email service to check my pr0n mail?
An Education is the Font of All Liberty
If you want the Symantec release re-written by someone who knows what they're talking about, look here.
"Evaman occupies a false email address" doesn't fill me with respect for CoolTechZone's credentials.
The Slashdot Paradox: "100% Overrated"
Rather than reading a journalists munged interpretation of what Symantec said, you can look at Symatec's original statement
The article says, "The security firm, Symantec, has given this worm a critical warning and states that this worm could be as as dangerous as the MyDoom virus." Funny, Symantec's description isn't nearly so dire: "Threat containment: Easy; Removal: Moderate."
Stupid job ads, weird spam, occasional insight at
Some good additional available here
We should be OK. The virus requires people to open the attachement on the mail in order for it to work. So unless people are stupid enough to open attachements after we've been telling them for years and years and after countless virus plauges not to we should all be fine... .......
Oh God!! We're all DOOOOOMED!!!!!
May the Maths Be with you!
i'm using Windows 3.1, you insensitive clod.
"There is nothing more frightful than ignorance in action." Johann Wolfgang von Goethe
is that the mail(at least the variant that I receieved) has a fake little message about the attatchment being scanned for viruses. Are people that gullible and/or stupid? I would hope people would be smart enough to realize that it's really easy to type a message saying that something has been scanned for viruses.
Ugh, it's not even like you have to be computer savvy to figure these things out. Do people open their houses to random drifters who say they work for the city and need to do some work without at least checking for ID?
Actually, yeah, they do, oy.,,what a world...
I run XP extensively because SofTest and TimeMatters isn't available for Linux yet. = ) I have never been directly infected by a worm or virus because I have Windows Update automatically update itself every week, as well as LiveUpdate for Symantec 2004.
The truth is that the OS is only as safe as the user. The people using Linux are that much more advanced than those using Windows, so that is why there aren't that many Linux bugs (as well as the marketshare argument.)
Yes, Linux is more secure by design, but Debian had its server rooted a few months ago, didn't they? And they presumably know what they are doing.
It's kind of like driving a car. You can buy the safest car on the road, but if you are going to change lanes without checking out your blind spot, well, it doesn't matter, does it?
A NYC lawyer blogs. http://www.chuangblog.com/
Well, I don't see myself as a 'Windows Defender' but I've never gotten a virus/worm/trojan on windows, and I _do_ use IE, for many years, on many machines, on many kinds of network.
There is some sort of parallel 'windows world' in which all windows machines are worm-riddled and uptimes are measured in days if not hours and commercial software randomly crashes and free software is not available, and clearly a number of slashdotters live there. But there's also the rest of the world in which windows stuff mostly is available and works.
Disclaimer: The firewall remains the most important part of a network
Whence? Hence. Whither? Thither.
Okay, fine, users are dumb. How how about we give them a slight break in this case? Failed deliveries are far enough out of most people's 'normal' e-mail experience that i can understand why they'd read the message. No it doesn't excuse opening anything with .scr, but txt.scr, html.scr, outlook.scrtxt.exe might dupe your avg users.
Anyways, here's a better article linked by McAfee and The Article That Started It All from the Sydney Morning Herald. Perusing the summaries off of Google News makes it seem like this will either be "unlikely to have a major impact on Australian businesses." or (now this is really crazy because it's from the same website, but a different article) "clog mail servers, cause severe slowdown and wreak financial damage as it spreads rapidly around the world when businesses return to work today"
I love that everyone can quote the Sydney Morning Herald to report that the sky is falling, or that things will mostly be okay. how do two journalists end up with such completely different viewpoints? They both quote Tim Hartman
and/or /Rant[Fuck Beta]
o0t!
Yes, microsoft have helpfully emailed the patch to all it's customers, all you need to do is run the program and you'll be safe.
> This would be the windows catastrophie of the week huh?
It's only Monday; let's wait a few days before deciding.
Sheesh, evil *and* a jerk. -- Jade
And don't tell me it's just because MS is a bigger target. Linux runs between 35%-40% of the worlds servers
Yes SERVERS. Servers dont tend to have stupid users with email clients on them running whatever they are told to by the email message, which is exactly how this (and many before it) spread. Thats the difference here.
(Yes I know Linux is more proactively secure, but its security still doesnt protect from user stupidity. And before anyone says that users wouldnt be stupid to chmod permissions or untar a tgz with permissions retained, think about the recent worm that required users to enter a freaking password to unzip and run it. That one got around fairly well.)