We requested the cori. Oddly enough the state does this on purpose. I
submitted the false positive to clamav and asked the state if I could speak
with their tech person about alternative ways to securely distrib info.
Windows only and an exe is pretty strange to me. Sounds like a good way to
get
Sounds to me like how one reconfigures a compromised server to deliver a
Trojan.
Unless you had actually requested a CORI, highly unlikely the actual origin is
the stated return address.
Not speaking for $DayJob
___
Discuss mailing list
Discuss@blu.o
Eric Chadbourne wrote:
> I was running clamscan and hit a .exe that's a reported trojan.agobot. dug
> around and found that it came from cori. Apparently they answer electronic
> cori requests with an email link to an executable file.
Sounds like the sort of thing that happens when a Web server