VIRUS ALERT - "SirCam"

greenspun.com : LUSENET : Unofficial Newcastle United Football Club BBS : One Thread

I've received the following message from a friend living in Spain. In view of recent similar problems people on here have experienced, I thought everyone should be aware of what appears to be the latest e-mail virus.

Please read the warning below. We have been receiving such e-mails over the past few days but luckily my virus program (Norton) detected this but only when I tried to open the attached file(s). Even if I scanned the hard drive completely it did not detect the virus. I was alerted by the fact that the e-mails were coming from an unknown person but as the warning says they may come from someone you know and trust if their computer has become infected.

ALERT
This is a virus notification from Southwestern Bell/Pacific Bell/Nevada Bell Internet Services. Please read this message carefully.

A virus known as SirCam is affecting Internet users worldwide.
The SirCam virus is transmitted through e-mail attachments and will likely come from someone you know. We recommend that you monitor your e-mail for unusual or unexpected messages. As a precaution, delete messages that begin "Hi! How are you?" and end "See you later. Thanks" and contain an attachment.

The message also may appear in Spanish, beginning "Hola como estas?" and ending "Nos vemos pronto, gracias."

If your computer becomes infected, the virus will send messages to every e-mail address stored on your computer and attach your personal files to outgoing messages. We strongly recommend that you update your anti-virus software to help protect your computer from this virus.

For a complete description of this virus, please refer to the bulletin available at http://www.cert.org/advisories/CA-2001-22.html.

-- Anonymous, July 31, 2001

Answers

Always prepared.

-- Anonymous, July 31, 2001

There's a worse one being warned from Computer Associates (Innoculan / InnoculateIT) called CodeRed IIS Worm, which can't be scanned conventionally.

Patches for Win2000 and NT are availabe from here - requires server install and restart.

http://www.microsoft.com/technet/treeview/default.asp? url=/technet/security/bulletin/ms01-033.asp

-- Anonymous, July 31, 2001


Yeah but we don't really care about Code Red do we.....all it's gonna do is knock very very loudly on the white house door and possibly kick it down :))

-- Anonymous, July 31, 2001

Isn't Code Red due to kick off at 1pm BST? so that's less than 2 hours :))

Well if I don't all see you on the net this afternoon i'll catch you tomorrow...

-- Anonymous, July 31, 2001


I just got this which had attachments, in txt

fax 1 Date: Tue, 31 Jul 2001 10:10:03 +0800 From: "Azman"

fax 1.doc.pif Name: fax 1.doc.pif Type: Shortcut to MS-DOS Program (application/x-unknown-content-type-piffile) Encoding: base64 Is this a virus?

-- Anonymous, July 31, 2001



Oops Code Red is 1pm tomorrow....sorry for my premature articulation...

-- Anonymous, July 31, 2001

You're at risk only if your pc is a server, cos servers are the target. Most home users needn't get too up tight, and it's supposed to be a doddle to get shot of, just download the patch and re-boot.

-- Anonymous, July 31, 2001

It will be extremely ironic if we never hear from Pit Bill again ...

-- Anonymous, July 31, 2001

Now how does it go when you need to download a patch when your machine keeps freezing again? Oh yes, I remember repeat: "Sh*t**g, c***ing, f****ing B*ll*cks!!!" at the top of your voice for several hours before having to wave goodbye to your pc for several weeks :-(

-- Anonymous, July 31, 2001

Wishful thinking Jonno ? :-)

I knew there had to be a reason why the poxy modem on my new pc is resisting all attempts to come to heel. It's obviously thinking of my cyber well being.

-- Anonymous, July 31, 2001



Moderation questions? read the FAQ