Dear Friends, "BadTrans.B is a retooled version of a worm that was first released in April."
I find the timing to be curious. Just now, all dressed up and going everywhere Windoze can send it. "Cluley said that once the virus is active on a system, BadTrans.B will e-mail itself to addresses contained in e-mail address books, Web cache and the "My Documents" folder. If the virus sends itself to an e-mail address found on the hard drive rather than in the address book, then it will simply use the subject line 'Re:'." Including places you never thought Windoze could find. "BadTrans.B also randomly generates a file name for the infected attachment, using a variety of different phrases." It hides itself cleverly... "Once active on a system, BadTrans.B activates a Trojan horse program that will attempt to monitor the infected system and record user names, passwords and other sensitive data and forward them to a designated e-mail address on free e-mail service MailandNews.com." ...and it does password logging and captures usernames. Huh. "'The fact that BadTrans.B can log private details through keystrokes has huge implications for personal and corporate confidentiality, and underlines the recent advances in virus-writing techniques,' Sunner said." Yep. And we know of a group with a sudden interest in, and recent Congressional authorization for, exploiting those advances. "Whether the e-mail address that the private information is relayed to belongs to the worm's author is still unknown, Cluley and Sunner said. E-mails sent to the address have neither bounced back nor netted a reply from a recipient. The MailandNews service did not immediately reply to inquiries." Would it not be ultra-cool if MailandNews.com wrote back to say, "We cannot divulge the ownership of that account due to national security considerations."?! <grin> Fun speculation. The above is speculation, it is only speculation, and any similarity to heavy-handed cynicism was deliberate. Regards, Jim http://www.Cambist.net/ --> spend e-gold as GoldMoney http://www.Cambist.net/ --> spend goldgrams as e-gold --- You are currently subscribed to e-gold-list as: archive@jab.org To unsubscribe send a blank email to [EMAIL PROTECTED] http://www.e-gold.com/stats.html lets you observe the e-gold system's activity now!