Third Yaha variant on this week

Hello everybody

I got third Yaha variant on this week. They all are as email attachements.

1. KOF_Fighting.exe 46942

2. KOF_The_Game.exe 46942

3. Received
via tmail-2001q (invoked by user imapd) for i5509510.20; Tue, 7 Jan 2003 00:14:32 +0200 (EET)

Received
from fe02.mail.jippii.net (fe02.mail.jippii.net [195.197.172.101]) by be60.mail.jippii.net (Postfix) with ESMTP id 79F48734A8 for <i5509510@be60.mail.jippii.net>; Tue, 7 Jan 2003 00:14:32 +0200 (EET)

Received
from fe.mail.jippii.net (pool-151-205-8-249.clrk.east.verizon.net [151.205.8.249]) by fe02.mail.jippii.net (8.12.3/8.12.1) with SMTP id h06METBA007293 for <XXXX@XXXXXi>; Tue, 7 Jan 2003 00:14:29 +0200 (EET)

Message- Id
<200301062214.h06METBA007293@fe02.mail.jippii.net>

From
Club Jenna <admin@clubjenna.com>

To
XXXXX@XXXXX

Subject
Screensavers from Club Jenna

Date
Mon,06 Jan 2003 17:14:38 PM

X-Mailer
Microsoft Outlook Express 5.50.4133.2400

MIME- Version
1.0

Content- Type
multipart/mixed; boundary=#r0xx#


Hello,
Looking for some Hardcore mind boggling action ?
Install the attached browser software and browse
across millions of paid hardcore sex sites for free.
Using the software you can safely and easily browse
across most of the hardcore XXX paid sites across the
internet for free. Using it you can also clean all
traces of your web browsing from your computer.

Note:The attached browser software is made exclusivley
for demo only. You can use the software for a limited
time of 35 days after which you have to register it
at our official website for its furthur use.

Regards,
Admin.

Attachement: Sexy_Jenna.scr 46942

More details at :
http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci871701,00.html

*Ari*

 

Hi Paul

Yes, they found my "secret" email account . I just reported for those "wormspams". I do not know if it helps any, atleast I tried.
Thanks for warning, never too cautious on these days...

And I found Randy Bells information too, Thanks for Randy !! Very Good job indeed, and we all respect that work for free more than anyone knows, or how.

*Ari*

 

And Verizons reply for my report :

Thank you for your E-mail message to Verizon Online Abuse.

We apologize for any inconvenience the reported incident has caused you.
Because we receive a large number of complaints each day, regretfully, a
response to each message is not possible.

Verizon Online Security investigates each reported incident, and will
take the appropriate action as permitted by Verizon's Internet Access
Agreement and Acceptable Use Policy, which can be viewed at the website
listed below.

Additionally, you may find the following pertinent information
beneficial:

To better understand the problems with Unsolicited Commercial E-mail
("spam"), we have provided information about filtering Spam with your
e-mail software, answers to several frequently asked questions and links
to some useful online information about Spam:

http://www2.verizon.net/announcements/spam.asp
http://www2.verizon.net/contact/spam.asp

If you are reporting an unauthorized access attempt, please note that we
cannot take action if the offender is not a Verizon Online Customer.
These reports will need to be sent directly to the Internet Service
Provider/IP space owner used by the offender.

The following web site may be helpful in determining the owner of the
originating IP space:

http://www.arin.net/whois

Additionally, for faster routing, future unauthorized access attempts
(hacking, port probes, etc.) may be sent directly to
security@verizon.net.

Sincerely,
Verizon Online Abuse
http://www2.verizon.net/policies
abuse@verizon.net

*Ari*

 

I got the damn fourth variant of the worm http://skins.hotbar.com/skins/mailskins/em/062802/062802fire_prv.gif . This is not going to end, isn´t it ?
Well, I go this way now ---> http://skins.hotbar.com/skins/mailskins/em/033102/033102ass_1_prv.gif . They can not hurt if you know your enemy !

*Ari*