| View previous topic :: View next topic |
| Author |
Message |
mindmetoo
Joined: 02 Feb 2004
|
 Posted: Thu Apr 28, 2005 6:59 am Post subject: Virus from [email protected]? |
 |
|
I took a look for a change in my bulk mail folder and found a series of emails proporting to come from [email protected]. They had an attached zip file. All very suspect. A virus scan reveals the zip contains:
File name: text.zip
File size: 51kb
File type: application/octet-stream
Scan result: Virus "W32.Mytob.BE@mm" found.
Cute.
Headers on the email:
X-Message-Status: n
X-SID-PRA: [email protected]
X-SID-Result: TempError
X-Message-Info: 6sSXyD95QpX1I8dSyj85KNO3F/iZ0/on2x0yF7C3P3s=
Received: from eslcafe.com ([211.184.88.129]) by mc9-f35.hotmail.com with Microsoft SMTPSVC(6.0.3790.211);
Tue, 26 Apr 2005 19:32:32 -0700
From: [email protected]
To: [email protected]
Subject:
Date: Wed, 27 Apr 2005 11:32:34 +0900
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----=_NextPart_000_0012_91C5705C.52A82275"
X-Priority: 3
X-MSMail-Priority: Normal
Return-Path: [email protected]
Message-ID: <[email protected]>
X-OriginalArrivalTime: 27 Apr 2005 02:32:32.0667 (UTC) FILETIME=[5D77A6B0:01C54AD1] |
|
| Back to top |
|
 |
cheem
Joined: 18 Apr 2003
|
| Posted: Thu Apr 28, 2005 7:50 am Post subject: |
|
|
| Is the hotmail account you received this email the same account you used to register for this forum? Looks like the eslcafe.com server may have been comprimised. I guess we'll soon find out. |
|
| Back to top |
|
|
Draven
Joined: 03 Feb 2003
|
| Posted: Thu Apr 28, 2005 3:09 pm Post subject: |
|
|
| Certainly it could be 'cuz mindmetoo hasn't hidden his email addy on this forum, right? |
|
| Back to top |
|
|
mindmetoo
Joined: 02 Feb 2004
|
| Posted: Thu Apr 28, 2005 4:38 pm Post subject: |
|
|
| cheem wrote: |
| Is the hotmail account you received this email the same account you used to register for this forum? Looks like the eslcafe.com server may have been comprimised. I guess we'll soon find out. |
Yeah it's the same. |
|
| Back to top |
|
|
mindmetoo
Joined: 02 Feb 2004
|
| Posted: Thu Apr 28, 2005 4:42 pm Post subject: |
|
|
| Draven wrote: |
| Certainly it could be 'cuz mindmetoo hasn't hidden his email addy on this forum, right? |
The email account I use for this board is a "throw away" email account I use for most message boards, torrent tracker sites, etc. Once in a blue moon I check it, mostly to empty it out. |
|
| Back to top |
|
|
Draven
Joined: 03 Feb 2003
|
| Posted: Thu Apr 28, 2005 5:34 pm Post subject: |
|
|
| Right, I understand. My point was that your email address is public to anyone who surfs on over to this site, so it's probably not a case of someone hacking into Dave's server. In the profile section, I've kept my email hidden and haven't received any of those emails. |
|
| Back to top |
|
|
Demonicat
Joined: 18 Nov 2004
Location: Suwon
|
| Posted: Thu Apr 28, 2005 7:27 pm Post subject: |
|
|
| I've been getting them too, and not just from daves but random things as well. Pehaps this is a ninja Korean's way of shutting us down like spectrum |
|
| Back to top |
|
|
mindmetoo
Joined: 02 Feb 2004
|
| Posted: Thu Apr 28, 2005 9:43 pm Post subject: |
|
|
| Demonicat wrote: |
| I've been getting them too, and not just from daves but random things as well. Pehaps this is a ninja Korean's way of shutting us down like spectrum |
Yeah that's what I was thinking. I've been getting a couple non-Daves emails with the same virus but from Koreanish domains. Now many viruses look at a person's address book and then forge emails to look like they're coming from those. It wouldn't be surprising if someone on Dave's is infected and has jointly emailed you and I at some point. Or it could be some over bored Korean script kiddy trying to strike back at us white folk her to despoil their women. |
|
| Back to top |
|
|
hypnotist
Joined: 04 Dec 2004
Location: I wish I were a sock
|
| Posted: Thu Apr 28, 2005 11:52 pm Post subject: |
|
|
| mindmetoo wrote: |
Yeah that's what I was thinking. I've been getting a couple non-Daves emails with the same virus but from Koreanish domains. Now many viruses look at a person's address book and then forge emails to look like they're coming from those. It wouldn't be surprising if someone on Dave's is infected and has jointly emailed you and I at some point. Or it could be some over bored Korean script kiddy trying to strike back at us white folk her to despoil their women. |
Mine ALL come from a computer in India (or at least from an address owned by an Indian company), 203.200.x.y.
Check the headers to see where the mails originated. |
|
| Back to top |
|
|
Khunopie
Joined: 21 Oct 2003
Location: Fucking, Austria (pronounced "Fooking")
|
| Posted: Fri Apr 29, 2005 8:55 am Post subject: Re: Virus from [email protected]? |
|
|
Cute? Korean Chix in their frilly pink skirts are cute. Viruses aint cute bro. I recommend a good anti V program. avast.com is a good place to start. I cant help with your girl problems. |
|
| Back to top |
|
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
