GoFuckYourself.com - Adult Webmaster Forum - View Single Post

tha_timinator · 11-26-2001, 12:46 AM

hi all,

this morning i got infected by the BadTrans virus ( http://vil.nai.com/vil/virusSummary.asp?virus_k=99069 )...
Accordign to this page it exists since april 11 2001 but this is the first time i received the virus plus i've read a couple of other sites whose earliest reports are from yesterday. so i think it became kinda active lately... that's why i thought let's warn you guys.

you receive it through a subjectless e-mail and it runs automatically when viewing the mail (thanks to outlook express' security leak (which can only be fixed using a patch if you have outlook with service pack 2 (while i have sp1)))

what is does is it tries to send itself to as much people as possible BUT the weird thing about it is that it DOES NOT send to the people in your addressbook (like all common worms do , as far as i know) but it looks like it fetches e-mailaddress from the websites in your cache!!! now have you ever heard of _that_ !?!?

another nasty thing is that it also installs a keylogger and then tries to send the keylogs to the virus' author. This means that if you have the virus installed and you fill in you credit card number at some site or whatever the number might leak to the virus' author!!

in brief; pretty damn important to get rid of the virus!

p.s. i tried to clean my system using the DAT update of McAfee first but that didn't seem to work... so i cleaned my system manually after that and ever since i think i'm clean... so if you're infected i advise you to clean manually...

well, hope this helps to prevent.

Greets,
Tha Timinator.

11-26-2001, 12:46 AM
tha_timinator Confirmed User Join Date: Jan 2001 Location: Amsterdam, the Netherlands Posts: 590	ATTENTION: BadTrans Virus!!! hi all, this morning i got infected by the BadTrans virus ( http://vil.nai.com/vil/virusSummary.asp?virus_k=99069 )... Accordign to this page it exists since april 11 2001 but this is the first time i received the virus plus i've read a couple of other sites whose earliest reports are from yesterday. so i think it became kinda active lately... that's why i thought let's warn you guys. you receive it through a subjectless e-mail and it runs automatically when viewing the mail (thanks to outlook express' security leak (which can only be fixed using a patch if you have outlook with service pack 2 (while i have sp1))) what is does is it tries to send itself to as much people as possible BUT the weird thing about it is that it DOES NOT send to the people in your addressbook (like all common worms do , as far as i know) but it looks like it fetches e-mailaddress from the websites in your cache!!! now have you ever heard of _that_ !?!? another nasty thing is that it also installs a keylogger and then tries to send the keylogs to the virus' author. This means that if you have the virus installed and you fill in you credit card number at some site or whatever the number might leak to the virus' author!! in brief; pretty damn important to get rid of the virus! p.s. i tried to clean my system using the DAT update of McAfee first but that didn't seem to work... so i cleaned my system manually after that and ever since i think i'm clean... so if you're infected i advise you to clean manually... well, hope this helps to prevent. Greets, Tha Timinator.