Re: FBI Virus Alerts

From: David Kennedy CISSP (david.kennedyat_private)
Date: Fri Sep 28 2001 - 19:21:08 PDT

Next message: Chris Salter: "Re: FBI Virus Alerts"

Previous message: Ben McGinnes: "Re: Hacked using vulnerable FTP daemon."
In reply to: info: "Re: FBI Virus Alerts"
Next in thread: Chris Salter: "Re: FBI Virus Alerts"
Next in thread: Krul Thomas: "RE: FBI Virus Alerts"
Reply: Chris Salter: "Re: FBI Virus Alerts"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

-----BEGIN PGP SIGNED MESSAGE-----

At 08:38 AM 9/28/01 +0200, info wrote:
>Also sprach twistsiwtat_private um 17:03 Uhr +0000 am 27.09.2001:
>>(...) He said that the FBI
>>have just finnished a meeting with many of the major software
>>vendors regarding a flood of new Terrorist related viruses about to
>>be released in the next couple of hours. (...)
>
>
>2001/9/27
>
>17:21 GMT +0100
>
>>>>  W32/Vote-B / TROJ_VOTE.C
>
>[Viruses & Worms] Sophos and Trend Micro report a "severe outbreak" 
>of a variant of day before yesterday's W32/Vote-A alias 
>Win32.Vote.A@mm, W32.Vote.A@mm, that deletes files from infected
>hard  drives.

Except neither Sophos nor Trend are reporting a severe outbreak:

http://www.sophos.com/
	Click on the links for the three Vote variants and they report just
one report of Vote.A and zero of Vote.B and zero of Vote.C

http://wtc.trendmicro.com/wtc/
	Neither the real-time nor the daily include any flavor of Vote

Message Labs reports zero Vote.

Very little traffic on ACV and what there is seems to be inquisitive
not reporting, alarming or asking for recovery assistance.

conclusion: Vote is an artifact of idle journalists needing something
to write about.



-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Privacy 6.5.8
Comment: hacker=cybercriminal--the definition changed; get over it

iQCVAwUBO7UwC/GfiIQsciJtAQEC+gP/aPeothGK6oSja+pNaEoVLls6TWASY5aA
21eKTEq9uZLsSh9FqWEP5xA/OqbPVDM5WEeV6LVHf0mbQDdJgnrBetSSHMo8vKJV
AjllPbmf0SJEEFknt9fSac0ukFzueK7hTH57+f/kFklPgHeNf+C4GO2TPwoD4P35
4EGtqwcglqY=
=LRJp
-----END PGP SIGNATURE-----

-- 
Regards,

David Kennedy CISSP
Director of Research Services, TruSecure Corp. http://www.trusecure.com
Protect what you connect.
Look both ways before crossing the Net.


----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

Next message: Chris Salter: "Re: FBI Virus Alerts"
Previous message: Ben McGinnes: "Re: Hacked using vulnerable FTP daemon."
In reply to: info: "Re: FBI Virus Alerts"
Next in thread: Chris Salter: "Re: FBI Virus Alerts"
Next in thread: Krul Thomas: "RE: FBI Virus Alerts"
Reply: Chris Salter: "Re: FBI Virus Alerts"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Sat Sep 29 2001 - 02:10:51 PDT