New, Nastier version of Loveletter.vbs virus

greenspun.com : LUSENET : TB2K spinoff uncensored : One Thread

here is the link:

http://dailynews.yahoo.com/h/zd/20000518/tc/worm_alert_loveletter_gets_nastier_1.html

I guess I better learn how to hotlink-this is a long url-I guess you'all can go to dailynews.yahoo.com to get article.

This version is truly nasty-sets all your file lengths to zero-your machine will have to be rebuilt-this is NOT a hoax.

-- FutureShock (gray@matter.think), May 19, 2000

Answers

link

Hope that is correct.

-- (Sheeple@Greener.Pastures), May 19, 2000.


The first one didn't work for me. Give this one a try.

-- (Sheeple@Greener.Pastures), May 19, 2000.

http://dailynews.yahoo.com/h/nm/20000519/ts/virus_security_4.html

Friday May 19 10:21 AM ET

U.S. Warns 'NewLove' Computer Scourge on Loose

WASHINGTON (Reuters) - Attorney General Janet Reno warned on Friday that a new, more destructive variant of the ``love bug'' computer scourge is spreading by attachments to e-mail.

Unlike the original ``love bug'' that struck computer networks on May 4 and its copycats, the new ``worm'' can change its subject line and the program code each time it is retransmitted, making it more difficult for users and anti-virus programs to detect, Attorney General Janet Reno told a news conference.

Reno warned computer users that if they received a suspicious e-mail attachment, ``do not open it, even if it comes from a trusted source.''

The FBI-led National Infrastructure Protection Center (NIPC) referred to the scourge as ``polymorphic'' and called it ''NewLove.VBS variant.'' A criminal investigation has been opened, it said.

VBS is a subset of Microsoft Corp.'s (NasdaqNM:MSFT - news) Visual Basic program language used in World Wide Web browsers and certain other software programs.

NIPC chief Michael Vatis said the virus appeared to have started in the United States, ``at least in significant part.''

``The NewLove.VBS variant uses the filename of a file that a user has recently been working on, and places that filename in the subject line of the e-mail transmission,'' an FBI alert said.

``The recipient may think that they have been forwarded a file from a known associate. When the attachment is opened, this worm can damage all files not currently in use, by changing the file extensions to .VBS.

``It can also transmit itself to a new group of victims taken from the current victim's e-mail address book. The new e-mail will have a different subject line taken from a filename that the current victim has recently been working on,'' added the alert posted on the NIPC Web site, www.nipc.gov, at 5 a.m. (0900 GMT).

The latest software scourge, based on the FBI description, appears to be both a ``virus'' and a ``worm.'' Worms propel themselves through networks; viruses destroy files and replicate themselves by manipulating code.

FBI spokeswoman Debbie Weierman said it was too early to determine the origin of the latest virus. A computer student in the Philippines has said he may have accidentally released the ''love bug'' earlier this month, which came with ``I LOVE YOU'' in its subject line.

The NIPC leads the multi-agency U.S. effort to detect, deter and warn of cyber and other threats to critical U.S. systems, including telecommunications, finance and power grids.

-- (news@of.note), May 19, 2000.


Yawn!!!!!!

Is anyone really buying this crap? News? ROLFLMAO, this is pure manufactured crapola for them with agendas. Most of the supposed NEWS is exactly that, advertising. Flipino dude my ass. Anybody see them TV blurbs of this guys arrest? Might as well been Lee Harvey Oswald, script seemed an exact duplicate.

All about bashing Microsoft to open the doors for the laggards who thought that there internet thingee would simply __go away__. How do they do it? Well they just got thru stuffing the Y2k BS down your throat, is this rocket science? Most actually are still under the illusion, "the News", is free? We lost the national press long ago.

Just MHO, what is yours? are you buying this LoveBug crap?

-- Doc Paulie (fannybubbles@usa.net), May 19, 2000.


Good reading........

BTW, they killed Iridium, did anyone care? apparently not. Gee TV Networks and the established News whores are Losing to the digital revolution. Established Analog boobs like them phone companies are losing. Is it getting clearer yet? Bash MS,,,,,tie-up broadband, lada dada da.

-- Doc Paulie (fannybubbles@usa.net), May 19, 2000.



Doc,

Are you a "virus-polly"?

-- Sleuth (watching@you.everywhere), May 19, 2000.


Simple rules to follow:

1. Don't open an attachment from people you don't know

2. Use a virus scanner to scan ALL attachements before you open them

3. Don't open or save attachments with extensions of .exe, .com, .bat, .vba, .vbs, and .dll unless you know what they're for and you've scanned them first.

4. Disable VB Scripting.

As long as you follow these rules, the chances of you getting a virus are very small.

-- Jim Cooke (JJCooke@yahoo.com), May 19, 2000.


You put a technology in the hands of people who do not understand it and they will make mistakes. That is what the makers of these things count on. There are simple ways to prevent the virus' from doing their dirty work, as you have explained, Jim, but "Grandma" with the computer her grandchild gave her will not know what she should or should not do. That goes for most people these days who are venturing on line to take advantage of what the minds of so many who worked so hard for so many years has brought them.

Bring a technology that took years to learn and understand, making it user friendly, which helps change the mindset of what "computing" was all about (the mysteries most never thought they would be able to harness). You really cannot blame individuals for allowing these virus' from entering their computers, you can blame businesses who have not built safeguards against it tho, especially in their employees.

Management is clueless, they usually don't know any more about what standards should be emplimented in their organization than they know what technology should be emplimented. I hate to beat a dead horse, but the training the avarage IT gets does not go far enough in preparing them to understand the degree of effort that must take place in managing the computing arena of businesses. In other words, unless the IT takes it upon themself to go to the extra effort of fereting out all of the "Murphy's Law" possibilities.

-- Cherri (sams@brigadoon.com), May 19, 2000.


Its certainly hit in the Uk today.

-- Chris (griffen@globalnet.co.uk), May 19, 2000.

Doc,

I'm not sure what you are trying to say here.

ILOVEYOU is very real. We have a copy of the script at work. Are you saying that it was released by the .gov?

I think the new variant is also real, but I haven't seen it yet. Part of the problem with a "script" virus is that anyone can get a copy, change it, and send it out again.

Yes, there is alot of MS bashing going on now. Also true, that MS products do have security holes.

I did check out your link, and I agree with much of what they are saying. ILOVEYOU was successful because the AV companies didn't see it before it was released. It didn't matter if you had the absolute latest signature files, because they didn't know about it until it hit.

Tell me more Doc. <:)=

-- Sysman (y2kboard@yahoo.com), May 19, 2000.



Where can LL sign up for it?

-- LL is nutz! nutz! nutz! nutz! nutz! (nutz@nutz.nutz.nutz), May 20, 2000.

Sysman,

Let me attempt to change my style a bit here by asking a few questions and dropping the rants, incoherent preaching, and the like I am so prone to it seems.

OK,,,,What possible reason(s) does anyone beyond those in Cherri's post need to know squat about a LoveBug virus? assuming of course one has never practiced what JimC posted on. Why is this even news? Why does someone, think we need to get involved in this?

Why did FutureShock feel the need to even post this sans any commentary beyond a title?(and I am not picking on FS, could have been anybody posting this). Are folks here asking for virus updates? What is actually news? Is this news? Does it qualify even under the crudest standard that most would find this of interest to them personally?

People will spend time over something as stupid as choosing a toiletpaper, but absorb stories like this Virus crap as if it matter one ioda in their lives without as much as even blinking an eyeball. Is this really about what is in the story? or is it about agenda?

-- Doc Paulie (fannybubbles@usa.net), May 20, 2000.


I think virus alerts create a difficult situation for the media. On one hand, if they do not publish information about viruses that spread quickly and cause serious mail server and / or system problems (i.e. ILOVEYOU, NewLove.A), I think they are doing the computer- illiterate a disservice. On the other hand, if virus alerts frequently make headlines, people will tune them out. I also believe there is probably an agenda in swaying public support to facilitate passing of tough computer laws.

I guess I'm undecided on this one. The press really can't cover virus alerts, but they really can't not cover virus alerts. Sorry for the double negative.

-- aqua (aqu@fin.a), May 20, 2000.


Doc:

I do not understand your point, either. I posted this as a public service to those who lurk here and may not know the basics of virus protection. I think most of the regular posters would never open a suspect attachment, but the lurkers may need the help.

In my industry, Direct Marleting, some REAL damage was done to my clients. Not having access to their computer was news to them, and I am sure the damage done will be in the hundreds of millions. I like most of your posts, Doc, but I am really not sure why you have a problem with my thread-Unfortunately your posts oon this thread seem a bit intellectually arrogant-no offense; it could have been anyone taking offense to my post.

-- FutureShock (gray@matter.think), May 20, 2000.


Doc,

My great uncle was an editor under Hearst for 30 years. I was taught 'honey it's ALL_publicity. You have to figure who wants that information there, and why.'

This point was driven home at the time. There was a front page story about a Brinks robbery. A day or two after, a big movie was released - the plot revolved around a Brinks robbery.

I understand your point, but haven't you yourself ranted about the pitfalls of 'paranoia'. Where do you draw the line?

Do you think the 'great unwashed' technologally naive folks should be protected from information? By whom?

-- flora (***@__._), May 20, 2000.



This one is easy...Simply go to Nipc.gov and click around. Here is a taxpayer funded agency who says their mission is protect the nations infrastructure. There is not a SHRED of Y2k. There is not a SHRED of anything really beyond virus babble and the almighty "we must protect the children". Mission statement, now that one is a laugher. Not convinced? OK use the main link they provide for "security tips"....Information Systems Security Education and Training:Internet Rules Of The Road. For those short on time, simply read the URL in this link, says it all, kiddies.

Swell, they are educating a new generation to be SHEEP. Lost is all the info about how the internet was built to sustain a nuclear strike, but now it is some guy in the Far East without even a computer who threatens life as we know it? and this dribble is worth reporting, no it is not, it is a sexy hook from a FUDster is all it is. Yes unfortunately some were damaged. You learn and move-on.

Rarely is propaganda so "in your face", this pile from Reuters is 100% gold-plated CRAPOLA for agenda. Not even a news story, it is a PR announcement, a sales pitch for justifying the existence of a bunch of do-nothings you pay for.

You make things secure and robust by diversifying ones eggs. Setting up agencies, passing laws, holding hands is destabilizing BY DEFINITION. Course all the "concern" these do-nothings show tends to blind one to the fact they really do nothing but spend YOUR money and are off most days the rest of us have to work.

Paranoia flora? Stupidity is more the issue. Am I paranoid? Well no since I know perfectly well what THEY are upto, kindergarden tricks is about the gist of it. Here we have an example where they do not even attempt to hide the fact they take you and I as juvenile morons, they link to it for us.

I think it time people really understood the extent to which they are being brainwashed. Not a week ago the FBI had a problemo with the gun registartion databas e they run and require for one to practice one's constitutional right to bear arms. If this is not "critical infrastructure" what is? a LoveBug virus? Where was NIPC on this 2 day crisis? Where was even a single post, on this webboard about it? But oh "threaten to even require safety locks", and the Sheep become restless. Here is an actual 2 day BAN, and the sheep sleep? This needs to be discussed, not so much the issues, but the mindset, the battle for your noodle which goes on 24/7 using mostly your money. I will hope you understand what that money represents....your life, your freedom.

-- Doc Paulie (fannybubbles@usa.net), May 20, 2000.


BTW, if you are a hacker or overworked cyber terrorist and need to refresh your "tools", the nipc is there to help you.

Go here..and nipc provides you a nicely formatted list of what you may need to stay current. Course to view them lists, you will need Adobe Acrobat as these are them dreaded pdf files.

The NIPC, helping both sides stay current! this NIPC thing is rich indeed, LOL.

-- Doc Paulie (fannybubbles@usa.net), May 20, 2000.


http://dailynews.yahoo.com/h/ap/20000520/tc/new_love_bug_10.html

Saturday May 20 4:56 AM ET

New Computer Virus Trashes PCs

By PETER SVENSSON, AP Business Writer

NEW YORK (AP) - The spread of a computer virus that could have done more damage than the ``Love Bug'' was nipped in the bud this week as U.S. companies strengthened their defenses against attacks from the Internet.

The virus, dubbed ``NewLove,'' infected thousands of computers around the world on Thursday and Friday, but failed to become an epidemic like the Love Bug that reached millions two weeks ago.

Safeguards put in place on corporate e-mail systems against the earlier virus stopped NewLove's spread. Had awareness not been heightened by the Love Bug, the new virus could have spread very fast and caused untold damage, said Gene Hodges at software company Network Associates Inc. (NasdaqNM:NETA - news) in Santa Clara, Calif.

``In this perspective, 'Love Bug' was a very positive wakeup call,'' he said.

The FBI said the virus shared some characteristics with the Love Bug and launched a search for the creator.

Hodges said a company in Israel was the first to report the virus early Thursday. It shut down its connection to the Internet to curtail the spread, but the virus later surfaced in Europe and the United States.

U.S. companies were quick to protect themselves, Hodges said, a marked difference from their reaction to the spread of the Love Bug.

Hodges said network administrators calling two weeks ago went ``Holy cow! I have 20,000 copies of this on my (e-mail server)! What do I do now?

``This time, they were saying 'I think I'm set, is there anything more I need to do?'''

The Love Bug arrived in e-mails with an ``ILOVEYOU'' subject line that enticed millions of recipients to open the attachment that activated the virus. Once news spread of the threat, infected e-mails were easily detected and deleted.

Estimates of the damage caused range up to $10 billion, mostly in lost work time; the NewLove virus is expected to total much less, despite being more deviously designed.

The subject line of infected e-mail started with ``FW:,'' followed by the name of a recently used file from the sender's computer. The virus thus masqueraded more effectively as a legitimate e-mail, and the changing header made the virus harder to warn against.

Clicking on an attachment to the e-mail activated the virus. Like Love Bug, it would send itself to everybody in the user's address book with a new subject line. It then overwrote most files on the hard drive, rendering the computer useless until the operating system was reinstalled.

Like the Love Bug, NewLove only spread from recipients running Microsoft's Outlook e-mail program. Microsoft will next week release a modification to Outlook designed to stop this kind of virus.

-- (news@of.note), May 21, 2000.


That Outlook fix better be free or Microsoft will have some 'splainin' to do. Having that "executable" hole in their messaging software was just plain sloppy and they owe their customers big-time in getting it closed.

-- DeeEmBee (macbeth1@pacbell.net), May 21, 2000.

I don't get it, what is the threat from these things?.... it's kinda like safe sex.... know your partner and don't open what you don't know.... seems like a no brainer to me.

Unlike real life, if you do get one of these killers all you have to do is reformat, resection, reload, and pull up your back-up files.... am I missing something here?

-- Netghost (ng@no.yr), May 22, 2000.


Netghost,

The virus would show up in an email from someone you do know. Which is why so many opened it the first time.

Now, of course, they should know better....

-- Please see attachment (I@love.you.too!), May 22, 2000.


And?...

-- Netghost (ng@no.yr), May 22, 2000.

Don't worry about it Netghost. Since you would never receive an email from a friend, you probably won't ever have to worry about it.

You have to have friends first.

-- Yes, you are missing something here. (your@lunch.no.brain.there), May 22, 2000.


Don't worry about it Netghost. Since you would never receive an email from a friend, you probably won't ever have to worry about it.

Very astute... of course you know me so well...

You have to have friends first.

Don't project your own personality problems onto me... when you have something to say about web security, speak up... untill then... Shhhhhhh... your ignorance is showing :-)

-- Yes, you are missing something here. (your@lunch.no.brain.there), May 22, 2000.

-- Netghost (ng@no.yr), May 22, 2000.


Moderation questions? read the FAQ