New One

Discussion in 'NOD32 version 2 Forum' started by JimIT, Jun 2, 2005.

Thread Status:
Not open for further replies.
  1. JimIT

    JimIT Registered Member

    Joined:
    Jan 22, 2003
    Posts:
    1,035
    Location:
    Denton, Texas
    Just got an e-mail with a subject line of "Captured! Finally!"

    It's an old trick about Osama Bin Laden being captured, but NOD32 is picking it up as an AH detection, so maybe a bit of new code.

    Heads-up. :doubt:
     
  2. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    Just received my invite ;) :D
     


  3. quexx88

    quexx88 Registered Member

    Joined:
    Nov 26, 2004
    Posts:
    235
    Location:
    Radnor, Pennsylvania
    Wasn't a virus distributed in nearly exactly the same manner a little while ago? Maybe the authors are running out of ideas ;)
     
  4. webyourbusiness

    webyourbusiness Registered Member

    Joined:
    Nov 16, 2004
    Posts:
    2,640
    Location:
    Throughout the USA and Canada
    Well, until "he" really is captured (and it could refer to ANYONE) - it's not a "bad" catch-line to entice recipients into opening an email...
     
  5. meichelman

    meichelman Registered Member

    Joined:
    May 13, 2005
    Posts:
    5
    Location:
    San Diego, CA
    What version are you using that this was caught?

    Received this same email. I was able to identify it wasn't something I wanted to run, but NOD32 scanned it as safe. I even saved the attachment to the local drive and ran a manual scan and confirmed that the file inside the .zip file was scanned. Still said it was safe (didn't find a threat). I'm at (was using 20050601 Virus signature):
    --------------------
    NOD32 antivirus system information
    Virus signature database version: 1.1125 (20050603)
    Dated: Friday, June 03, 2005
    Virus signature database build: 5701

    Information on other scanner support parts
    Advanced heuristics module version: 1.015 (20050602)
    Advanced heuristics module build: 1083
    Internet filter version: 1.002 (20040708)
    Internet filter build: 1013
    Archive support module version: 1.030 (20050419)
    Archive support module build version: 1117

    Information about installed components
    NOD32 For Windows NT/2000/XP/2003 - Base
    Version: 2.50.16
    NOD32 For Windows NT/2000/XP/2003 - Internet support
    Version: 2.50.16
    NOD32 for Windows NT/2000/XP/2003 - Standard component
    Version: 2.50.16

    Operating system information
    Platform: Windows XP
    Version: 5.1.2600 Service Pack 2
    Version of common control components: 5.82.2900
    RAM: 1024 MB
    Processor: Intel(R) Pentium(R) M processor 2.00GHz (598 MHz)
    --------------------

    # m a r t y
     
  6. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    Hi Meichelman, welcome to Wilders.

    I am using 2.50.19

    Cheers :D
     
  7. JimIT

    JimIT Registered Member

    Joined:
    Jan 22, 2003
    Posts:
    1,035
    Location:
    Denton, Texas
    And here's a report on this very trojan--which apparently didn't fool as many people as the idjits thought it would:

    Report
     
  8. Stephanos G.

    Stephanos G. Registered Member

    Joined:
    Mar 29, 2005
    Posts:
    720
    Location:
    Cyprus
    Top Internet News Headlines
    Virus claiming Bin Laden arrest fools few on Web
    7 hr 33 min ago
    SAN FRANCISCO (Reuters) - A new computer virus in e-mails claiming that Osama Bin Laden has been arrested has failed to lure many users to open dangerous attachments, despite its high-profile headline, security software makers said on Friday.

    The virus began circulating in the past day and is one of several Bin Laden-type viruses that have been distributed on the Internet since May 2004. The current virus has a subject line claiming Bin Laden has been arrested.

    The U.S. government has been hunting Bin Laden since 2001, and holds him responsible for the Sept. 11, 2001, attacks on the United States. He has not yet been found.

    To become infected, a user has to click onto an attachment inside the e-mail to activate malicious code which allows a computer hacker to later use the infected computer to send spam and other nuisances on the Web.

    Oliver Friedrichs, a senior manager at the security response team at Symantec Corp., the world's biggest maker of security software, said only 10 of several thousand customers had alerted the company on Friday about the virus.

    Symantec rates the virus a "2" on a scale of "5," which is the most threatening.

    McAfee Inc., the second-biggest security software maker, said it had seen few infections caused by the e-mail virus.
     