Wilders Security Forums  

Go Back   Wilders Security Forums > Other Security Topics > malware problems & news
Reload this Page VBS/VBSWG.AQ@mm
User Name
Password
Register FAQ Members List Calendar Search Today's Posts Mark Forums Read

 
 
Thread Tools Search this Thread
  #1  
Old June 6th, 2002, 01:53 PM
Technodrome's Avatar
Technodrome Technodrome is offline
Global Moderator
  
Join Date: Feb 2002
Location: New York
Posts: 2,140
Default VBS/VBSWG.AQ@mm
Name: VBS/VBSWG.AQ@mm
Aliases: Shakira's Pics
Type: Internet Worm
Discovery Date: 06 June 2002

Description:

VBS/VBSWG.AQ@mm is an encrypted worm written in VBScript. This worm arrives as an email containing the following information:

Subject: Shakira's Pics
Message: Hi : i have sent the photos via attachment have funn...
Attachment: ShakiraPics.jpg.vbs
When this attachment is double clicked, the worm is executed and it will copy itself to the Windows System directory.

A message is then displayed with the following text:

You have been infected by the ShakiraPics Worm
VBS/VBSWG.AQ@mm will also email a copy of itself to recipients in the Microsoft Outlook address book.

source: http://www.command.co.uk


Technodrome
__________________
Classic Trance Hit: PPK - Resurrection
  #2  
Old June 6th, 2002, 05:49 PM
Bouch Bouch is offline
Infrequent Poster
  
Join Date: Apr 2002
Location: Toronto Canada
Posts: 26
Default Re: VBS/VBSWG.AQ@mm
Thanks for the info Technodrome. Of course, if one has a firewall that would rename the file because of the vbs extension, or a program like Script Sentry or, better still, Wormguard that would jump on the file because of two file extensions, I suppose that it wouldn't represent that much of a threat. Regards.
__________________
Artificial intelligence may well lead to natural stupidity.
  #3  
Old June 6th, 2002, 05:49 PM
FanJ
 
Posts: n/a
Default Re: VBS/VBSWG.AQ@mm
See also:

http://www.security-pro.co.uk/yabb/YaBB.pl?board=virusesworms;action=display;num=1023310540
  #4  
Old June 6th, 2002, 06:45 PM
Technodrome's Avatar
Technodrome Technodrome is offline
Global Moderator
  
Join Date: Feb 2002
Location: New York
Posts: 2,140
Default Re: VBS/VBSWG.AQ@mm
Quote:
Thanks for the info Technodrome. Of course, if one has a firewall that would rename the file because of the vbs extension, or a program like Script Sentry or, better still, Wormguard that would jump on the file because of two file extensions, I suppose that it wouldn't represent that much of a threat. Regards.

Simply, you are right Bouch !


Technodrome
__________________
Classic Trance Hit: PPK - Resurrection
  #5  
Old June 7th, 2002, 07:44 AM
Checkout's Avatar
Checkout Checkout is offline
Security Rhinoceros
  
Join Date: Feb 2002
Posts: 1,226
Default Re: VBS/VBSWG.AQ@mm
Strange, I've been getting this one for a while but didn't realise it was a nasty - simply because I delete stuff I'm obviously not interested in! *I wonder how many other nasties I've avoided through disinterest in the subject line? *
__________________
My Novel
  #6  
Old June 8th, 2002, 05:04 PM
Bouch Bouch is offline
Infrequent Poster
  
Join Date: Apr 2002
Location: Toronto Canada
Posts: 26
Default Re: VBS/VBSWG.AQ@mm
Quote:
I wonder how many other nasties I've avoided through disinterest in the subject line?
Any way to avoid them is a good way. Let's hope that the writers of nasties do not become more imaginative when creating subject lines. Dull and uninteresting works for me.
__________________
Artificial intelligence may well lead to natural stupidity.
 

Wilders Security Forums > Other Security Topics > malware problems & news « Previous Thread | Next Thread »

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Settings
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT -4. The time now is 08:01 AM.

Contact Us - SSL - Wilders Security - Archive - TOS/Privacy - Top

Powered by vBulletin® Copyright ©2000 - 2013, Jelsoft Enterprises Ltd.
Copyright ©2002 - 2013, Wilders Security Forums