http://www.siliconvalley.com/mld/siliconvalley/3309078.htm [I will say that I did get several copies of the mail/virus mentioned below, and unlike the teeming hundreds that have sent out the Klez virus to addresses here, the State Department sent out an apology note for the virus, which is a first in my book. - WK] May. 21, 2002 WASHINGTON (AP) - The State Department's e-mail identity was forged by a computer virus that sent itself to law enforcement and media outlets across the country, a department official said Tuesday. Variants of the virus, called Klez, have been spreading since the late 1990s and are transmitted through e-mails and attachments. Klez does not destroy computer files but can clog up mail systems and corporate networks. Saturday, the virus sent hundreds of e-mails with the return address of the State Department's public affairs office, said a State Department official, speaking on the condition of anonymity. A computer is infected with Klez the moment a computer user opens an e-mail attachment containing the virus. Once loose, the virus seeks out and copies e-mail identities stored in the computer user's programs. The virus spreads by sending itself to the addresses contained on stolen ``listservs,'' or electronic mailing lists. The virus could have gained a copy of the State Department's listserv from any computer it infected on which a user had received an e-mail from the department. It may have infected a computer at the State Department, the State official said. The process is called ``spoofing'' by Internet hackers. ``The virus would never had to have had access to a single State Department computer to have spoofed the address,'' said Steve Trilling, senior director of research at the Internet security firm Symantec. ``It's like tacking on a false return address on a letter and sending it to someone who is used to receiving mail from that address. They are much more likely to open it than if it came from a stranger.'' The State Department sent an apology to those who received the e-mail. - ISN is currently hosted by Attrition.org To unsubscribe email email@example.com with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Wed May 22 2002 - 04:13:53 PDT