Jdbgmgr hoax back w/ a Bugbear twist

Discussion in 'malware problems & news' started by discogail, Oct 7, 2002.

Thread Status:
Not open for further replies.
  1. discogail

    discogail Security Expert

    Joined:
    Feb 9, 2002
    Posts:
    151
    THE HOAX IS an old trick, a mass e-mail which warns recipients that there’s a virus on their machine called Jdbgmgr.exe. The file is a legitimate system file needed to run Java programs, and it’s normally displayed with a bear icon.
    But the e-mail instructs recipients to find the file and delete it immediately.
    The hoax is now more convincing, because recipients associate the bear icon with the Bugbear virus, according to Craig Schmugar, a virus research engineer for Network Associates Inc.
    “The confusion is coming in part because of the virus name, and because the icon in question is a teddy bear. And the hoax has been tweaked to reference this new virus,” Schmugar said.
     
  2. Randy_Bell

    Randy_Bell Registered Member

    Joined:
    May 24, 2002
    Posts:
    3,004
    Location:
    Santa Clara, CA
    discogail, that's really interesting: do you have the link to the article from which you quoted here? I didn't see it in your post; and I'd like to read the entire article if I may ... thanks. Funny, I'm active at dslreports, and there must have been about twenty threads there, over the past year, concerning this hoax. It seems some people never give up trying to fool others. :D
     
  3. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Joined:
    Apr 27, 2002
    Posts:
    13,312
    Location:
    Netherlands
    Hi Randy_Bell,

    I don't know where discogail found it, but check this on out: http://www.vet.com.au/html/zoo/local/zoo_descriptions/jdbgmgrexe_hoax.htm

    Regards,

    Pieter
     
  4. LowWaterMark

    LowWaterMark Administrator

    Joined:
    Aug 10, 2002
    Posts:
    17,842
    Location:
    New England
  5. Randy_Bell

    Randy_Bell Registered Member

    Joined:
    May 24, 2002
    Posts:
    3,004
    Location:
    Santa Clara, CA
    Thanks Pieter!! I noticed the following interesting comment in your article:
    I didn't know that the JDBGMGR.EXE file was also being used to propagate Magistr -- that's new to me. I was only aware of the hoax. In the case of the file infected with Magistr, I no longer regard that as a hoax, but a real virus infection.

    Warmly, Ran
     
  6. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Joined:
    Apr 27, 2002
    Posts:
    13,312
    Location:
    Netherlands
Loading...
Thread Status:
Not open for further replies.