Navigacija
Lista poslednjih: 16, 32, 64, 128 poruka.

Bombardovanje virusima sa mailing liste Kaspersky Labs-a!

[es] :: Zaštita :: Bombardovanje virusima sa mailing liste Kaspersky Labs-a!

[ Pregleda: 4123 | Odgovora: 3 ] > FB > Twit

Postavi temu Odgovori

Autor

Pretraga teme: Traži
Markiranje Štampanje RSS

net_freek
Hewlett Packard d.o.o.
BBR

Član broj: 566
Poruke: 132
*.yubc.net

Sajt: www.svetsatova.com


+1 Profil

icon Bombardovanje virusima sa mailing liste Kaspersky Labs-a!09.11.2002. u 02:27 - pre 260 meseci
Ne znam da li neko ima slično iskustvo ali moj mailbox je u poslednja dva dana zasut mailovima sa virusom poslatih putem mailing liste cuvenog proizvodjaca antivirusnog softvera, firme Kaspersky Labs (ironicno zar ne). Mnogi serveri korisceni za relaying su doticne poruke ocistili od virusa i o tome me obavestili mailom. Prosto ne mogu da verujem da se slanjem maila sa bilo koje adrese na adresu: [email protected] poruka salje svima sa mailing liste. U svakom slucaju zanima me jos necije vidjenje ovog propusta od strane kasperskog. Slede dva maila sa sve header-ima:

============================================================================

Return-Path: <[email protected]>
Received: from webserver2.kaspersky-labs.com ([195.161.113.178])
by avala.yubc.net (8.9.3/8.9.3) with ESMTP id JAA01510;
Fri, 8 Nov 2002 09:25:50 +0100
Received: by webserver2.kaspersky-labs.com (Postfix)
id A077920E72; Fri, 8 Nov 2002 08:10:54 +0300 (MSK)
Delivered-To: [email protected]
Received: from messagerie.multiphone.fr (messagerie.multiphone.fr [194.206.157.135])
by webserver2.kaspersky-labs.com (Postfix) with ESMTP id AF9F520B8C
for <[email protected]>; Fri, 8 Nov 2002 02:40:37 +0300 (MSK)
Received: by MESSAGERIE with Internet Mail Service (5.5.2650.21)
id <WMJKSYLR>; Fri, 8 Nov 2002 00:40:41 +0100
Message-ID: <1149797CEC6ED6119C8D00600872D6F606382A@MESSAGERIE>
From: "[MESSAGERIE] Panda Antivirus for Exchange Server" <[email protected]>
To: "'[email protected]'" <[email protected]>
Subject: Incident de virus
Date: Fri, 8 Nov 2002 00:40:40 +0100
MIME-Version: 1.0
X-Mailer: Internet Mail Service (5.5.2650.21)
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 8bit
X-MIME-Autoconverted: from quoted-printable to 8bit by avala.yubc.net id JAA01510
X-UIDL: Tj^"!(&K!!W>!#!D%m"!
Status: U


Panda Antivirus a detecte les virus suivants dans le message:
Server : MESSAGERIE

Envoye par :
Adresse : [email protected]
A : [email protected]
Objet : Returned mail: see transcript for details
Date : 08/11/2002 01:40

VIRUS DETECTE

Fichier : ~000003.txt
Virus : Exploit/iFrame - Desinfecte
Fichier : README.EXE
Virus : W32/Bride - Desinfecte

http://www.pandasoftware.com

===============================================================================

Return-Path: <[email protected]>
Received: from webserver2.kaspersky-labs.com ([195.161.113.178])
by avala.yubc.net (8.9.3/8.9.3) with ESMTP id HAA10814;
Fri, 8 Nov 2002 07:42:47 +0100
From: [email protected]
Received: by webserver2.kaspersky-labs.com (Postfix)
id A573B20860; Fri, 8 Nov 2002 01:24:48 +0300 (MSK)
Delivered-To: [email protected]
Received: from adm.sci-nnov.ru (adm.sci-nnov.ru [195.122.226.2])
by webserver2.kaspersky-labs.com (Postfix) with ESMTP id B9377203FF
for <[email protected]>; Fri, 8 Nov 2002 00:49:29 +0300 (MSK)
Received: (from drweb@localhost)
by adm.sci-nnov.ru (8.11.6/8.11.6) id gA7LiKC43084
for <[email protected]>; Fri, 8 Nov 2002 00:44:20 +0300 (MSK)
(envelope-from [email protected])
Date: Fri, 8 Nov 2002 00:44:20 +0300 (MSK)
Message-Id: <[email protected]>
X-Authentication-Warning: adm.sci-nnov.ru: drweb set sender to [email protected] using -f
X-drweb-hash: b4b175cb07c2092f0170f0e35ce7e243
Subject: [unknown-subject]
Content-Type: text/plain; charset=koi8-r
To: <[email protected]>
X-UIDL: GNh"!97b"!A#d!!L['#!
Status: U

Dear Sender,
message sent from your e-mail address (address may be spoofed)
to <[email protected]> was probably infected and was not delivered.
Antiviral filter report:

========================
DrWeb found next viruses:
========================
infected with Trojan.IframeExec
infected with Win32.HLLM.Generic.95


Recipient was warned and can obtain a copy of infected message.

This message was generated automatically by mail delivery software.
 
Odgovor na temu

_/\_pustinjak_/\_
Veliki Pustinjak
SRBIJA

Član broj: 5814
Poruke: 5
*.dial.InfoSky.Net

Sajt: galeb.etf.bg.ac.yu/~renes..


Profil

icon Re: Bombardovanje virusima sa mailing liste Kaspersky Labs-a!25.11.2002. u 16:57 - pre 259 meseci
I sta ja govorim. Na taj mailing listu ne mozes tek tako da pridjes i da poshaljes virus. To je neko iznutra uradio. Bice tu jedan veliki minus Kasperskom.
Ma oni su to u dogovoru. Posle ce taj isti kaspersky napraviti neki novi aV za taj vrus koji je upravo on pocheo da shalje!
KKAAAAAAAAMMMEEEEEEEEEE
KAAAAAAAAAMMMMEEEEEEEEE
TAALAAAAAAAAAAS!
 
Odgovor na temu

Mihailo
Mihailo Đorić

Član broj: 1016
Poruke: 2875
*.verat.net



+1 Profil

icon Re: Bombardovanje virusima sa mailing liste Kaspersky Labs-a!25.11.2002. u 18:15 - pre 259 meseci
Čisto sumnjam da je tako nešto u pitanju. To se radio na mnogo finiji način nego da ti pošalju virus preko njihove liste. Pre će biti da je neko zloupotrebio loše podešen mail server gde je ta lista.
 
Odgovor na temu

_/\_pustinjak_/\_
Veliki Pustinjak
SRBIJA

Član broj: 5814
Poruke: 5
*.tmf.bg.ac.yu

Sajt: galeb.etf.bg.ac.yu/~renes..


Profil

icon Re: Bombardovanje virusima sa mailing liste Kaspersky Labs-a!26.11.2002. u 16:00 - pre 259 meseci
moze biti
KKAAAAAAAAMMMEEEEEEEEEE
KAAAAAAAAAMMMMEEEEEEEEE
TAALAAAAAAAAAAS!
 
Odgovor na temu

[es] :: Zaštita :: Bombardovanje virusima sa mailing liste Kaspersky Labs-a!

[ Pregleda: 4123 | Odgovora: 3 ] > FB > Twit

Postavi temu Odgovori

Navigacija
Lista poslednjih: 16, 32, 64, 128 poruka.