ICANN/GNSO GNSO Email List Archives

[ga]


<<< Chronological Index >>>    <<< Thread Index >>>

[ga] Re: VIRUS ADVISORY - W32/Netsky.s@MM - Ken Stubbs duped?

  • To: General Assembly of the DNSO <ga@xxxxxxxxxxxxxx>
  • Subject: [ga] Re: VIRUS ADVISORY - W32/Netsky.s@MM - Ken Stubbs duped?
  • From: Jeff Williams <jwkckid1@xxxxxxxxxxxxx>
  • Date: Tue, 06 Apr 2004 18:41:47 -0700
  • Cc: Richard Henderson <richardhenderson@xxxxxxxxxxxx>, Ken Stubbs <kstubbs@xxxxxxxxxxx>, "Ken Stubbs (3rd E-mail address)" <kstubbs@xxxxxxxxxxx>, "Ken Stubbs (Yahoo address)" <kstubbs@xxxxxxxxx>
  • Organization: INEGroup Spokesman
  • References: <200404061529.1baZ4gWF3NZFk70@mamo>
  • Sender: owner-ga@xxxxxxxxxxxxxx

Richard, Ken, and all former DNSO GA members or other interested
stakeholders/users,


  perhaps Ken was duped?  See below...

McAfee Security wrote:

>    (((((((((((((((((((( McAfee Security )))))))))))))))))))))))
>
> [ This message is being sent to all all McAfee customers who
> registered their McAfee product and opted-in to receive virus
> alert information. If you wish to no longer receive email
> from McAfee, please unsubscribe at the bottom of this message. ]
>
> ------------------------------------------------------------
>             ** VIRUS ADVISORY - W32/Netsky.s@MM **
> ------------------------------------------------------------
>
> Dear Jeff,
>
> Another variant of the W32/Netsky.MM virus, W32/Netsky.s@MM
> is a Medium Risk mass-mailing worm that arrives inside a
> .PIF attachment. When run, the worm tries to open a backdoor
> on TCP Port 6789, which can help a remote hacker download
> and execute potentially malicious programs on the infected
> system. W32/Netsky.s@MM will also launch a Denial of Service
> attack on various domains, including www.kazaa.com, starting
> in mid-April. The worm spreads itself by stealing email
> addresses from the infected computer, spoofing or forging
> the "from: field."
>
> ------------------------------------------------------------
> WHAT TO LOOK FOR:
>
> FROM: Varies (forged addresses taken from infected system).
>
> SUBJECT: Varies. Examples (check our site for the complete
> list):
> - Hello!
> - Hi!
> - Re: Important
>
> BODY: Varies. The message may be constructed using a pool of
> strings within the worm.
>
> ATTACHMENT: Varies, but has a .PIF extension. The filename
> is constructed from strings within the worm, with a
> random number appended to it. Examples:
> - account
> - postcard
> - sample
> - developement
> ------------------------------------------------------------
>
> Up-to-date McAfee VirusScan users with dat 4348 are protected
> from this threat.
>
> Learn More about W32/Netsky.s@MM:
> ==> http://us.mcafee.com/root/campaign.asp?cid=9999
>
> Scan for W32/Netsky.s@MM:
> ==> http://us.mcafee.com/root/campaign.asp?cid=10000
>
> ____________________Virus Fixes_____________________
>
> McAfee VirusScan 8.0
> McAfee Internet Security Suite 6.0
> Stop viruses, trojans, worms, and more. Now includes
> email and attachment scanning.
>
> Update DAT file
> ==> http://us.mcafee.com/root/campaign.asp?cid=8245
>
> Upgrade Center
> Make sure you have the very latest Internet protection.
> ==> http://us.mcafee.com/root/campaign.asp?cid=8246
>
> Bundle Center
> Build your own security bundle here.
> ==> http://us.mcafee.com/root/campaign.asp?cid=9569
>
> Members Only! Exclusive deals for valued McAfee Security
> customers like yourself.
> ==> http://us.mcafee.com/root/campaign.asp?cid=9570
>
>
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>
>
> [ You are currently subscribed as: jwkckid1@xxxxxxxxxxxxx ]
>
> Please feel free to forward this email to any interested
> friends, family and associates.
>
> Subscribe: If you received this message from a friend and
> would like to subscribe to eSecurity News, virus alerts and
> special offers, go here.
> ==> http://dispatch.mcafee.com/us/sub.asp
>
> Unsubscribe: If you prefer not to receive future email from
> McAfee, please go here.
> ==> http://us.mcafee.com/root/campaign.asp?cid=9825
>
> Need further assistance? Visit McAfee Support.
> ==> http://us.mcafee.com/root/support.asp
>
> View our privacy policy.
> ==> http://us.mcafee.com/root/campaign.asp?cid=8207
>
> McAfee is a business unit of Network Associates, Inc.
> 3965 Freedom Circle, Santa Clara, CA 95054, (408) 992-8599
> © 2004, Networks Associates Technology, Inc. All Rights Reserved.
>
>

Regards,

--
Jeffrey A. Williams
Spokesman for INEGroup LLA. - (Over 134k members/stakeholders strong!)
"Be precise in the use of words and expect precision from others" -
    Pierre Abelard

"If the probability be called P; the injury, L; and the burden, B;
liability depends upon whether B is less than L multiplied by
P: i.e., whether B is less than PL."
United States v. Carroll Towing  (159 F.2d 169 [2d Cir. 1947]
===============================================================
Updated 1/26/04
CSO/DIR. Internet Network Eng. SR. Eng. Network data security
IDNS. div. of Information Network Eng.  INEG. INC.
E-Mail jwkckid1@xxxxxxxxxxxxx
 Registered Email addr with the USPS
Contact Number: 214-244-4827





<<< Chronological Index >>>    <<< Thread Index >>>