Re: homepage worm

[Nicola Green <NGreen () POWERLAN COM AU>]

Hello,

I have found 3 instances this morning on our site and we run Trend Micro for
Exchange (all latest pattern files, engine updates etc.)and it is picked
them up happily.

Regards, Nicola Green.
Powerlan Ltd, Brisbane.

-----Original Message-----
From: reb () OPENRECORDS ORG [mailto:reb () OPENRECORDS ORG]
Sent: Thursday, 10 May 2001 8:03 AM
To: INCIDENTS () SECURITYFOCUS COM
Subject: Re: homepage worm


Greetings,

We have only had 8 of these emails sent to us, and Groupshield for
Exchange (with latest dats) caught all of them.

Reb

On Wed, 9 May 2001, black-hand wrote:

> Hi,
>
> There is a new VBS worm doing its rounds down here in Australia at the
> moment, a lot of virus scanners arnt picking it up. Its not a malicious
> payload, but still..
>
> ive put up the email, attachment and payload info here:
>
> http://black.wiretapped.net/homepagevirus.asp
>
> to bypass virus scanners, it does a simple decypher then execute
>
> black-hand
> wiretapped - 2600 australia
> http://black.wiretapped.net


Website: http://www.powerlan.com.au/qld

Powerlan, IT&T Education, IT&T Careers

This e-mail may contain information which represents the views of the
sender and not necessarily those of Powerlan and
associated business groups.  This information is confidential and
intended for the addressee only.  Please advise Powerlan if you have
received this e-mail in error.

Virus protection is in place at Powerlan, however virus protection remains
the responsibility of the recipient.