VIRUS ALERT -- HOMEPAGE

**tjaymadison** · 05-10-2001, 02:46 AM

Got this alert from CNet:

Virus Alert
May 9, 2001

Homepage worm spreads pornography
Yet another e-mail worm is spreading like wildfire. Like the Anna worm that hit last February, the Homepage worm tries to trick users into clicking on the attached file. Homepage threatens to overload e-mail servers with excess traffic, and infected users will find their default Internet browser opening and displaying a pornographic Web site.
This new VBS worm arrives via e-mail with the following information:

Subject: Homepage
Body: Hi! You've got to see this page! It's really cool ;O)
Attached: Homepage.HTML.vbs

Clicking on the attachment activates the worm. To protect yourself, don't open any suspicious e-mail attachments. Also, make sure you have the latest antivirus definitions running on your system.

------------------
"I am not able to rightly apprehend the kind of confusion of ideas that could provoke such a question."
-- Charles Babbage, mathematician, computer pioneer, analytical engine designer (1791-1871)

**mjc** · 05-10-2001, 02:56 AM

Been there done that....

I was in the chatroom telling Pete about it earlier, was going to post it here, but you beat me...

, I even got it, but deleted it without openning, came from somebody I did't know.

I should of added that address to my "banned" list but oh well, there are just some people I can't convince not to forward everything to everyone, so I guess my address shows up in other peoples' address books and I never sent them anything. You got any ideas on how to get out of these forward to everyone lists that some of my friends have going...

------------------
mjc
Links list:Computer Links

All Control Agents must memorize Rule 5 before proceding to Rule 6

**sea69** · 05-10-2001, 09:11 AM

hey

I had allot of 'friends' that used to send forwarded emails (jokes and such) to me... after repeatedly asking them (and explaining why) to stop, I just 'BLOCK SENDER' in OE.

I never open any attachments containing vbs. or exe. and for that matter unless requested or I KNOW the person is as careful as I am, I don't open them AT ALL.

here's something i found on it;

The upshot is that mass forwarding is NOT a good idea. Let me give out with some more news in this regard. Now, just by the inclusion of a small piece of code into an email message, the original sender would get a copy of it each time it is forwarded on with all the new comments. It's called a computer wire tap and, unless you can read source codes, you'd never know it was there. Now, there are ways around it. First, web-based email systems can't be invaded this way. Second, if the email recepient disables the Java Script programming language in MS Outlook, Outlook Express or Netscape, the added comments aren't forwarded to the originator. However, that only protects that user, not those who forward after him. Microsoft said that version 5.5 of Outlook Express isn't affected because the Java Script is off by default. Netscape is working on a patch to stop the wiretaps. (This information was taken from an Associated Press article on Tuesday, February 6, 2001 from the Orlando Sentinel.)

As you see, forwarding email can be more dangerous than just sending out a lie and losing integrity. Even if you forward a joke to friends and family, take the time to remove all the forward info and ask your buddies, friends and family to do the same. Also ask them to forward to you using the BCC feature or to forward to you separate from a whole group.

------------------
sea1_69@hotmail.com

homepage

**bassman** · 05-10-2001, 09:13 AM

Hey Tjay,
Thanks for the tip. I have not seen it YET but with my friends still forwording junk, I'm sure to see it soon.
MJC: As for how to get out of the Forword Loop I sent everyone on my address book a note asking them to not do this to me. Some have listened, some have not. Since e-mail is not that important to me, I delete a lot even from good friends. If its not directly addressing me in the subjuect box, it goes in the garbage box.

------------------
They say to eat before you go to the grocery store so you don't buy so much. That doesn't work at the liquor store does it!

**mjc** · 05-10-2001, 01:05 PM

Like I said I've got a couple that just won't listen, fortunately I don't open attachements either, so I was safe......I guess its time to add some more to the 'Block Sender' list!

------------------
mjc
Links list:Computer Links

All Control Agents must memorize Rule 5 before proceding to Rule 6

**aliaga** · 05-13-2001, 03:22 AM

Technical description:

VBS.VBSWG2.X@mm is an encrypted VBScript Worm that uses a known exploit to send itself to all recipients in an infected user's Outlook Address Book.
The e-mail message has the following characteristics:

Subject = "Homepage"
Body =
Hi!
You've got to see this page! It's really cool ;O)

Attachment= "homepage.HTML.vbs"

Prior to mailing itself out, the worm will search for e-mail messages with the Subject of "Homepage" and delete the message.

The Worm pretends to open a Webpage upon execution. It will randomly select one four pornographic webpages.

Removal instructions:

You should delete any files detected as VBS.VBSWG2.X@mm.

Virus detection with NAV are available with Virus Definitions of May 8, 2001.

------------------
Aa

Thread: VIRUS ALERT -- HOMEPAGE

Thread Tools

VIRUS ALERT -- HOMEPAGE

Thread Information

Users Browsing this Thread

Posting Permissions