from GOtApex
VBS/Staple is a mass mailing worm written in Visual Basic Script.
VARIANT: Staple.A
This worm arrives in a email message with the following content:
Subject: RE:Injustice
Body: Dear
Did you send the attached message, I was not expecting this from you !
Attachment: injustice.TXT.vbs
When executed, the worm copies itself to the Windows System directory as "injustice.TXT.vbs". Then it sends itself to 50 random recipients from each address book. The worm also sends several infected messages to email addresses in Israel. Next the worm shows a message related to Middle-East war. Finally VBS/Staple.A opens six Internet Explorer browser windows, and connects to related web sites.
VARIANT: Staple.B
The second variant of VBS/Staple propagates in messages that have following content:
Subject: hotstuff for you
Body: Dear
CHEK THE ATTACHED HOT STUFF .. !
Attachment: hotstuff.gif.vbs
Otherwise VBS/Stable.B@mm behaves like the original one.
another virus making the rounds
another virus making the rounds
<a href="http://www.heatware.com/eval.php?id=123" target="_blank" >Heatware</a>
Why in the world do people continue writing viruses. I just can't see how people get off on doing destructive things to peoples/businesses computers. Some people are so damn malicious it's sad.
I got my first virus a week or so ago ( cause i wasn't running NAV at the time, for awhile at that). I got NIMDA, but the funny thing is, all the infected files (370 total) were inside one directory (IIS\scripts). I thought NIMDA sent itself out in emails attached to your address book. So why was it sitting in scripts for webhosting services? Didn't make sense.
I got my first virus a week or so ago ( cause i wasn't running NAV at the time, for awhile at that). I got NIMDA, but the funny thing is, all the infected files (370 total) were inside one directory (IIS\scripts). I thought NIMDA sent itself out in emails attached to your address book. So why was it sitting in scripts for webhosting services? Didn't make sense.
-
Kakarot
- Golden Member
- Posts: 1713
- Joined: Wed Nov 22, 2000 8:26 am
- Location: Chicago Land Area
- Contact:
One of the main things nimda did was infect IIS servers and the websites hosted by them.. so that whenever someone came and visited one of those websites nimda would attempt to use a security hole in IE on the clients machine to automatically infect them without them knowing or doing anything besides browsing the web.Originally posted by LikeLinus
Why in the world do people continue writing viruses. I just can't see how people get off on doing destructive things to peoples/businesses computers. Some people are so damn malicious it's sad.
I got my first virus a week or so ago ( cause i wasn't running NAV at the time, for awhile at that). I got NIMDA, but the funny thing is, all the infected files (370 total) were inside one directory (IIS\scripts). I thought NIMDA sent itself out in emails attached to your address book. So why was it sitting in scripts for webhosting services? Didn't make sense.
"Why build only one when you can build two for twice the price?"
<a href="mailto:murphy@excaltech.com">Email</a>
<a target=NEW href="http://www.heatware.com/eval.php?id=377">Heatware evals</a>
<a href="mailto:murphy@excaltech.com">Email</a>
<a target=NEW href="http://www.heatware.com/eval.php?id=377">Heatware evals</a>
Here is another one that is really nasty. This one formats your HD!!!
http://www.theregister.co.uk/content/56/23652.html
Wahoo!!! It's not even VB, it is JavaScript.
http://www.theregister.co.uk/content/56/23652.html
Wahoo!!! It's not even VB, it is JavaScript.
- p o o p