Problem description:
Email data:
MessageID: <20030520204602.F297B1F6EE at spice.eahd.or.ug>
From: <support at microsoft.com>
To: <afnog-outgoing at afnog.org>
Cc:
Subject: Re: My application
Scanning part []
Scanning part [application.pif]
Attachment validity check: passed.
Virus identity found: W32/Palyh-A
Virus identity found: W32/Palyh-A
Regards,
Mark Tinka - CCNA
Network Engineer
Africa Online
Uganda
5th Floor, Commercial Plaza
7 Kampala Rd,
Tel:
+256-41-258143
Fax: +256-41-258144
E-mail:
mtinka at africaonline.co.ug
Web:
www.africaonline.co.ug
-----Original Message-----
From: owner-afnog at afnog.org [mailto:owner-afnog at afnog.org] On Behalf Of Brian Longwe
Sent: Wednesday, May 21, 2003 7:02 AM
To: afnog at afnog.org
Subject: FW: Reuters.com - Internet Worm Disguised as E-Mail fromMicrosoft - Mon May 19, 2003 03:09 PM ET
------ Forwarded Message
From: Reuters_News at reuters.com
Reply-To: cto at nbi.ispkenya.com
Date: Mon, 19 May 2003 17:34:57 -0400 (EDT)
To: tech-list at nbi.ispkenya.com
Cc: cto at nbi.ispkenya.com
Subject: Reuters.com - Internet Worm Disguised as E-Mail from Microsoft - Mon May 19, 2003 03:09 PM ET
Brian Longwe (cto at nbi.ispkenya.com) has sent you this article.
Personal message:
Please prepare a mass mail to warn users about this.
<http://www.reuters.com>
Internet Worm Disguised as E-Mail from Microsoft <http://www.reuters.com/newsArticle.jhtml?type=technologyNews&storyID=2771693&fromEmail=true>
Mon May 19, 2003 03:09 PM ET
SAN FRANCISCO (Reuters) - A new computer worm that disguises itself as an e-mail from Microsoft Corp. is spreading, computer security firms warned on Monday. The e-mail containing the worm, dubbed Palyh or Mankx, appears to come from support at microsoft.com, but is not from the software company. When the attachment is opened, the worm copies itself to the Windows folder, scoops up e-mail addresses from the hard disk and starts sending itself out, said U.K-based Sophos. The malicious program can spread itself to other Windows machines on a local area network, anti-virus vendors said. It also can secretly install spyware programs, according to Moscow-based Kaspersky Labs in a news release. However, Christ Belthoff, a senior product manager at Sophos, said his firm has found no evidence that it installs spyware, or a program that eavesdrops on computer users. "This is not a widespread outbreak," he added. The worm is programmed to expire automatically on May 30, according to Symantec Corp. It began spreading on Saturday and has apparently infected computers in 69 countries, according to MessageLabs. A Microsoft spokesman said the company never sends out unsolicited mass e-mails with attachments.
© Copyright Reuters 2002. All rights reserved. Any copying, re-publication or re-distribution of Reuters content or of any content used on this site, including by framing or similar means, is expressly prohibited without prior written consent of Reuters. Quotes and other data are provided for your personal information only, and are not intended for trading purposes. Reuters, the members of its Group and its data providers shall not be liable for any errors or delays in the quotes or other data, or for any actions taken in reliance thereon. © Reuters 2002. All rights reserved. Republication or redistribution of Reuters content, including by caching, framing or similar means, is expressly prohibited without the prior written consent of Reuters. Reuters and the Reuters sphere logo are registered trademarks and trademarks of the Reuters group of companies around the world.
------ End of Forwarded Message