mailing list archives
RE: viruses being sent to this list
From: "Alerta Redsegura" <alerta () redsegura com>
Date: Mon, 22 Mar 2004 17:59:58 -0500
Gady Evron said:
...but as I am the latest victim of the latest spreading
mechanism for viruses - Full-Disclosure,...
The worm sent in your name is I-Worm.Bagle.n (W32/Bagle.N () mm),
it takes its email addresses from files with the following extensions:
.wab, .txt, .msg, .htm, .shtm, .stm, .xml, .dbx, .mbx, .mdx, .eml, .nch,
.mmf, .ods, .cfg, .asp, .php, .wsh, .adb, .tbb, .sht, .xls, .oft, .uin,
.cgi, .mht, .dhtm, .jsp
So it is very likely that your email address was picked up automatically by
the worm on the infected machine, with no human intervention whatsoever.
This aside, I understand this list is directed to people with a
knowledge/background/experience in computer security, such that a .pif
attachment whether gets filtered before their email client or otherwise they
are clever enough not to open it.
Full-Disclosure - We believe in it.