DV Info Net


Boyd Ostroff November 21st, 2003 07:35 AM

Virus masquerades as PayPal notice
 
I thought it might be worth mentioning this since I know a number of people around here use PayPal. I've started getting these bogus PayPal account expiration notices. I thought it was strange since I couldn't recall ever opening a PayPal account, so I just deleted them and didn't think anything else about it. But obviously people are getting taken in by this and it's spreading...

http://www.sophos.com/virusinfo/anal...32mimaili.html
Quote:

W32/Mimail-I is a worm which spreads via email using addresses harvested from the hard drive of your computer. All email addresses found on your PC are saved in a file named el388.tmp in the Windows folder.

In order to run itself automatically when Windows starts up the worm copies itself to the file svchost32.exe in the Windows folder and adds the following registry entry:

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\SvcHost32

The emails sent by the worm pretend to come from the email address donotreply@paypal.com, and have the following characteristics:

Subject line: YOUR PAYPAL.COM ACCOUNT EXPIRES
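
The indicators in the quoted Sophos description, turned into a host and mailbox check. This is an added example, not part of the original post or of Sophos's write-up; the function names, the saved `reg query` text and the sample message are constructed for illustration.

```python
import email
from email import policy
from email.utils import parseaddr
from pathlib import Path

# Indicators copied from the Sophos description quoted in the post.
DROPPED_FILES = {"el388.tmp", "svchost32.exe"}   # both in the Windows folder
RUN_VALUE = "svchost32"                          # value under HKLM\...\Run
LURE_FROM = "donotreply@paypal.com"
LURE_SUBJECT = "YOUR PAYPAL.COM ACCOUNT EXPIRES"

# Constructed sample input (not captured from a real host or mailbox).
SAMPLE_REG = r"""
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    Updater      REG_SZ    C:\Program Files\Example\updater.exe
    SvcHost32    REG_SZ    C:\WINDOWS\svchost32.exe
"""
SAMPLE_MAIL = (
    "From: PayPal <donotreply@paypal.com>\n"
    "Subject: YOUR PAYPAL.COM  ACCOUNT EXPIRES\n"
    "\n"
    "constructed body\n"
)


def scan_windows_dir(windows_dir):
    """Names of the worm's files found directly in the given Windows folder."""
    # Windows file names are case-insensitive, so compare lowercased.
    return sorted(p.name.lower() for p in Path(windows_dir).iterdir()
                  if p.is_file() and p.name.lower() in DROPPED_FILES)


def scan_run_key(reg_query_text):
    """Data of any SvcHost32 value in saved `reg query` output for the Run key."""
    hits = []
    for line in reg_query_text.splitlines():
        parts = line.split(None, 2)              # value name, type, data
        if (len(parts) == 3 and parts[1].startswith("REG_")
                and parts[0].lower() == RUN_VALUE):
            hits.append(parts[2].strip())
    return hits


def is_mimail_lure(raw_message):
    """True when both the forged sender and the subject line match."""
    msg = email.message_from_string(raw_message, policy=policy.default)
    sender = parseaddr(str(msg.get("From", "")))[1].lower()
    subject = " ".join(str(msg.get("Subject", "")).split()).upper()
    return sender == LURE_FROM and subject == LURE_SUBJECT
```

Because the sender address is forged, a match on it says nothing about PayPal itself; the file and Run-key checks are the host-side evidence of infection.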

Adrian Douglas November 21st, 2003 07:59 AM

Ha! You beat me to it Boyd, I got the same thing only 20 mins ago

Jeff Donald November 21st, 2003 11:55 AM

As always, I am thankful I use a Mac and don't have this problem to worry about.

Don Berube November 22nd, 2003 05:40 AM

I agree with you Jeff. After all these years (ever since '84) of using Macs, I still have yet to ever experience any tangible virus or hacker problem on any of my Apple Macs, PowerMacs and PowerBooks.

The only one I can recall that ever came close to posing a problem was that silly "AutoPlay Worm" from years ago... and it never really was a problem at all, since one simple click-of-the-mouse setting rendered it harmless.

By comparison, my WinDoze desktop and laptop always seem to be besieged by some hack trying to take advantage of all of the MicroSoft backdoor security risks. I wouldn't think of running my peecees these days without Black Ice and Norton AntiVirus running in the background.

- don

Boyd Ostroff November 22nd, 2003 08:54 AM

My experience is pretty similar, and the autostart worm was also the last one to nail me. But it actually did cause me some problems because at the time I was using 600MB MO cartridges to do daily backups, and the worm propagated to these. I used Norton to fix the problem, but one effect was that the date stamp on lots of my files was messed up. This wreaked havoc with file sync software. As a reminder, I still have some of those files today with goofy dates.

Now people have been prognosticating that the switch to a Unix based OS opens the door to lots of new nasties. Fortunately we haven't really seen any yet. But I consider myself even more immune than most, since these things generally spread via e-mail. I read all my mail on a remote unix host using the text-based "Pine" mail user agent. There's really no way to get a virus since the mail itself never gets onto my machine. I generally don't accept any attachments, but when I do it involves saving them on the remote host then transferring via ftp. Eccentric perhaps, but this is how I've been reading my mail since around 1990... :-)

Don Berube November 22nd, 2003 11:37 AM

Hi Boyd,

That is pretty cool.

How do you read your email at home?

- don

Boyd Ostroff November 22nd, 2003 02:37 PM

<<<-- Originally posted by Don Berube : How do you read your email at home?

I run PINE on a Linux machine which hosts one of our websites. Pine uses a secure IMAP connection to access my inbox on the company mailserver. The mailserver recognizes this host and accepts outgoing SMTP from it. On my Mac(s) I open a shell session using the OSX Terminal program, then use ssh to connect to the remote Linux host where I run Pine. Pine is a simple cursor based program that was written to run on green-screen terminals.

Now under OSX I could eliminate the Linux box and just run Pine on my Mac (there's a version out there). The only problem with this would be sending outgoing mail since I use a variety of machines that can be at different IP addresses. While it would be possible, it would be more awkward to configure our mail server to recognize these (which is necessary to relay SMTP).

Pine used to be popular on campuses since it was easy to implement and allowed users to access their mail from any terminal. I'm surprised to find there are a number of people that still use it. I started out using a similar program, ELM, sometime in the late 80's, then moved to pine sometime after that. In fact, the authors say that PINE is an acronym, "Pine Is Not Elm". Many (if not most) people would find this all very awkward, but as someone who spent years hacking around with Unix, it's a comfortable, even nostalgic environment for me with a 24 line x 80 character interface.

Sorry... showing my age a bit, and also wandering WAY off topic (but this is the TOTEM pole after all!)

Don Berube November 22nd, 2003 04:58 PM

Wow Boyd, that is quite impressive.

Reminds me of that warm fuzzy feeling I used to get when I would see some of the MIT people walk around with PC laptops - but they were running Linux OS and apps instead of WinDoze. Have you ever watched the documentary "Revolution OS"? Excellent film, I always make it a point to watch it when it is on the Sundance Channel.
http://www.revolution-os.com

What was your first computer? Mine was the Timex Sinclair back in the Summer of '82 (I was 19 at the time hehehe)
http://oldcomputers.net/ts1000.html

Check this out, I am sure that you will appreciate the value of APPLE's X11:
http://www.apple.com/macosx/features/x11

- don

