FriendlyGreetings spam/malware

[marti]

What is ESET's position on this malware?

McAfee doesn't consider it a virus, but has added (or will add) it to their definitions: http://vil.nai.com/vil/content/v_99760.htm

Symantec has a write up, but has not added it to their definitions: http://securityresponse.symantec.com/avcenter/venc/data/friendgreetings.html

CA/eTrust has a write up, but no definition: http://www3.ca.com/virusinfo/virus.asp?ID=13444

[CARCHARODON]

I'll tell you I'm not a big fan of it.. Its just a worm that askes for Permission.... thanks Marti.

[marti]

I have seen warnings about "friendly greetings" posted in Wilders (not sure which forum), DSLR, and PC Q&A.

My position is that the AV folks should include it in their definitions, as it does send an email to everyone in your address book (Microsoft programs only).

[LowWaterMark]

Quote:

quoting: marti link=board=35;threadid=4436;start=0#28934 date=1035607571]My position is that the AV folks should include it in their definitions, as it does send an email to everyone in your address book (Microsoft programs only).

Yes, that is pretty bad. They can say, well, "People need to read the EULA", but I think people just look for the fastest way to get those off their screens.

Here's the related link on Wilders:

http://www.wilderssecurity.com/showt...=0;boardseen=1

[marti]

Good old "social engineering" at work. Real viruses use it, and use it effectively.

[rodzilla]

Quote:

quoting: marti link=board=35;threadid=4436;start=0#28930 date=1035606813]
What is ESET's position on this malware?

McAfee doesn't consider it a virus, but has added (or will add) it to their definitions: http://vil.nai.com/vil/content/v_99760.htm

Symantec has a write up, but has not added it to their definitions: http://securityresponse.symantec.com/avcenter/venc/data/friendgreetings.html

CA/eTrust has a write up, but no definition: http://www3.ca.com/virusinfo/virus.asp?ID=13444

My own gut feeling is that it should be included ... after all, it is a worm ... just a worm which asks for your permission to do its worming.

I don't like what it does, and in my opinion the EULA doesn't warn strongly enough that you'll spam everyone you know if you agree to it ... but a judge may consider it to be a legitimate program, in which case there would be legal ramifications if antivirus software detected and blocked it as a virus.

The other side of the coin of course is that if this spamware is legally declared kosher by a judge than virus coders could conceivably use that precedent to "legalize" the spreading of their own little nasties simply by tagging on ambiguous EULAs.

Maybe a new virus category ... "Legal Worm" ... is needed.