Slashdot Mirror

← Back to Stories (view on slashdot.org)

Lycos Anti-Spam Screensaver Inspires Trojan

Posted by timothy on from the this-gets-confusing dept.

Even though it's been withdrawn, the Lycos anti-spam screensaver is not forgotten. Rollie Hawk writes "And with this, the 'What's Good for the Goose...' award goes to all those people trying to install that notorious spam-attacking Lycos screen saver but ended up with a Trojan horse instead. This trojan is spreading via email with the subject line 'Be the first to fight spam with Lycos screen saver,' tucked in an innocent-looking file called 'Lycos screensaver to fight spam.zip.' According to F-Secure, this trojan contains keylogger elements but little more has been specified. The only question I have is how long until the 'I promise to clean that trojan disguised as a DDoSing Lycos screen saver.exe' virus gets released."

6 of 167 comments (clear)

  1. Futility by Lonesome+Squash · · Score: 5, Interesting
    Every formal system has its Goedel sentence; every immune system has its HIV. It's the price of complexity.

    Of course, that doesn't make formal systems, immune systems, or anti-spam screen savers useless.

    --
    Behold the riant ape! Beware, his crooked thumbs!
  2. Obligatory File Extension Hiding Reminder by prandal · · Score: 5, Interesting

    When the Windows user has file extension hiding turned on (Microsoft's default), the attachment yohavewon.txt.exe appears to them as youhavewon.txt. It doesn't take much for the malware writer to use the standard windows "text file" icon as the application's icon, and the social engineering attack is complete.

    I will not believe that Microsoft takes security seriously until they they issue updates for all their operating systems to disable this misfeature permanently.

    1. Re:Obligatory File Extension Hiding Reminder by Anonymous Coward · · Score: 1, Interesting

      Well, extension hiding still makes sense as a default option. Things are pretty easier that way for your average computer-illiterate user.

      There's far worse things enabled by default on Windows system, like the aforementioned WSH (no GUI option, and people actually using shell scripting should be able to turn on the engine by themselves), or file sharing capabilities enabled on remote access connections (bright move for the consumer editions of Windows, 9x and the likes).

      Add the host of background services that come up with any fresh install of Windows NT/XP, most of them people will never have a use for nor ever know what's running in the shadow. Windows as the standard home-operating system is something scary.

    2. Re:Obligatory File Extension Hiding Reminder by ad0gg · · Score: 2, Interesting
      Apple has the same feature, you can change the icon of an application to mp3 file icon and add a .mp3 extension. Oh wait, this is slashdot, so double standards are allowed.

      Btw attachments in outlook or any other email program(that I know of) never cut off the extension. And outlook has stopped recieving .exe,.bat,.scr.,.vbs or any other executable attachment since 2002. Nice try though.

      --

      Have you ever been to a turkish prison?

  3. Re:Well, that's what you get by DrSkwid · · Score: 1, Interesting


    "If violence doesn't solve your problems, you aren't using enough of it"

    I think that's from The Art of War but I can't remember, did a quick google but no answer in the first 3 pages

    --
    There are places where the networks are not touching,and there are places where they are-Boeing's Lori Gunter
  4. you dont need lycos screensaver - use the webpage by Anonymous Coward · · Score: 1, Interesting

    ... instead to fight the damn scammers and scammers:

    http://www.aa419.org/ladvampire.html

    open in your favourite webrowser and run it on huge broadbandconnections all day long 24/7 if you dont pay for bandwidth. dont use http-proxies for this page.

    it will generate huge traffic for the scam/spam sites, and hopefully providers to shut down those damn pages.

    thank you