Thread Links			Date Links
Thread Prev	Thread Next	Thread Index	Date Prev	Date Next	Date Index

Re: Beware of Virus zip attachment [Was: SUO: Weah, hello! :-)]

To: standard-upper-ontology@ieee.org
Subject: Re: Beware of Virus zip attachment [Was: SUO: Weah, hello! :-)]
From: Randall R Schulz <rschulz@sonic.net>
Date: Wed, 3 Mar 2004 10:13:14 -0800
In-Reply-To: <785E88EDE495BD488EF00E488E6A4627307654@vtmail.valutech.com>
References: <785E88EDE495BD488EF00E488E6A4627307654@vtmail.valutech.com>
Reply-To: Randall R Schulz <rschulz@sonic.net>
Sender: owner-standard-upper-ontology@majordomo.ieee.org
User-Agent: KMail/1.5.4

Richard,

Opening a straight Zip archive poses no risk in itself. Extracting and 
executing its contents would expose you to malicious code, if any. If the 
archive was equipped with auto-extracting, auto-executing adornments and 
content, then the default "open" action would likewise expose you to any 
malicious code within.

The password issue is a red herring, really. Here's a notice from my ISP 
regarding this new piece of malicious code:

-==--==--==--==--==--==--==--==--==--==--==--==--==--==--==-

Wed Mar  3 09:17:51 PST 2004 -- Virus Alert.  A new variant of the Beagle 
 virus was released yesterday.  The virus spreads through an email
 attachment and is hidden in an attached zip file.  Sonic.net's virus
 scanners began filtering for this variation a few hours after its 
 release.

 For more information on the virus and how to remove it, please visit:

 <http://securityresponse.symantec.com/avcenter/venc/data/
w32.beagle.k@mm.html>
 <http://vil.nai.com/vil/content/v_101061.htm>

   -Sonic.net Support

-==--==--==--==--==--==--==--==--==--==--==--==--==--==--==-

Wed Mar  3 09:17:51 PST 2004 -- VIRUS ALERT.  A new variant of the Beagle 
 virus was released yesterday.  The virus spreads through an email
 attachment and is hidden in an attached zip file.  UPDATE - This virus
 has been mutating extensively, and we are unable to block it's many
 variants at this time.  In addition, most PC anti-virus software is not
 blocking this virus.

 That said, it requires quite a bit of user interaction for the PC to be
 infected.  Uses must open the encrypted ZIP using the password, then run
 the enclosed program.  Needless to say, DON'T DO THIS.

 The virus may pose as a communication from your ISP or mail service
 provider, and may include text which indicates that a security or virus
 problem requires that you open and execute the file.  Don't be fooled!

 For more information on the virus and how to remove it, please visit:

 <http://securityresponse.symantec.com/avcenter/venc/data/
w32.beagle.k@mm.html>
 <http://vil.nai.com/vil/content/v_101061.htm>

   -Sonic.net Support

-==--==--==--==--==--==--==--==--==--==--==--==--==--==--==-

The passwords are not a form of cryptographic protection on the content of 
the Zip archive. Under Linux, e.g., that archive opens without entering 
any password.

Randall Schulz

On Wednesday 03 March 2004 09:42, Richard Cooper wrote:
> Murray,
>
> Do you know if a .zip file without a password
> is safe to open on windows?  I've heard mixed
> rumors on that one, but nobody seems to know
> for sure.
>
> Also, I've gotten half a dozen .zip attachments
> this morning from weird addresses.  Some new
> virus must be out.
>
> Rich

References:
- RE: Beware of Virus zip attachment [Was: SUO: Weah, hello! :-)]
  - From: "Richard Cooper" <rich@valutech.com>

Prev by Date: Re: Beware of Virus zip attachment [Was: SUO: Weah, hello! :-)]
Next by Date: RE: Beware of Virus zip attachment [Was: SUO: Weah, hello! :-)]
Prev by thread: RE: Beware of Virus zip attachment [Was: SUO: Weah, hello! :-)]
Next by thread: Re: Beware of Virus zip attachment [Was: SUO: Weah, hello! :-)]
Index(es):
- Date
- Thread