UGN Security Forums
My ProfileMember DirectoryLogin
Search our ForumsView our FAQView our Site Rules
View our CalendarView our Active TopicsGo to our Main Page

UGN Security Store
 

Network Sites UGN Security, The GoNix Initiative, Elite Web Gamers, Back of the Web, EveryDay Helper, VNC Web Design & Development
Sponsored Links
Latest Postings
Latest Reviews
Topic Options
Rate This Topic
#33418 - 03/04/04 02:52 AM Spoofed Mail Messages
Gremelin Offline

Community Owner
*****

Registered: 02/28/02
Posts: 7193
Loc: Portland, OR; USA
I'd just like to remind everyone (who has them)) not to pay any attention to the spoofed mail messages being recieved at their UGN Security mail addresses.

Some of these messages are including an attachment which is most definatley a virus in every shape and form; note that if I ever do send you a message, it sures hell won't contain one ...

The following are some examples of what people may be recieving:

Message containing Virus name: W32.Beagle.A@mm
Quote:
Dear user of e-mail server "Undergroundnews.com",

Some of our clients complained about the spam (negative e-mail content) outgoing from your e-mail account. Probably, you have been infected by a proxy-relay trojan server. In order to keep your computer safe, follow the instructions.

Advanced details can be found in attached file.

Kind regards,
The Undergroundnews.com team http://www.undergroundnews.com
I'm not sure what is contained in test.zip but I'm sures hell not going to open it.
Quote:
Dear user of e-mail server "Undergroundnews.com",

Some of our clients complained about the spam (negative e-mail content) outgoing from your e-mail account. Probably, you have been infected by a proxy-relay trojan server. In order to keep your computer safe, follow the instructions.

Please, read the attach for further details.

For security purposes the attached file is password protected. Password is "47206".

Cheers,
The Undergroundnews.com team http://www.undergroundnews.com
Ok, a few things if you recieve a message LIKE that from UGN Security.

1. I don't sign a message that way, comeon, it's UGN Security if anything.
2. If you spam from your account, you don't recieve a notice, it'll be deleted on the spot.
3. Who the hell opens a message that way?
4. "Some of our clients" clients? We have clients? since when?
5. Use common sense, if you see an attachment from a non existant email address, don't open the damn thing.
_________________________
Donate to UGN Security here.
UGN Security, Back of the Web, Elite Web Gamers & VNC Web Design Owner

Top
Sponsored Links
      
#33419 - 03/04/04 03:42 AM Re: Spoofed Mail Messages
Gremelin Offline

Community Owner
*****

Registered: 02/28/02
Posts: 7193
Loc: Portland, OR; USA
Virus name: W32.Beagle.A@mm
Quote:
Dear user of Undergroundnews.com gateway e-mail server,

Some of our clients complained about the spam (negative e-mail content) outgoing from your e-mail account. Probably, you have been infected by a proxy-relay trojan server. In order to keep your computer safe, follow the instructions.

For further details see the attach.

Best wishes,
The Undergroundnews.com team http://www.undergroundnews.com
Virus name: W32.Beagle.A@mm
Quote:
Dear user of e-mail server "Undergroundnews.com",

Our main mailing server will be temporary unavaible for next two days,
to continue receiving mail in these days you have to configure our free auto-forwarding service.

Further details can be obtained from attached file.

Have a good day,
The Undergroundnews.com team http://www.undergroundnews.com
_________________________
Donate to UGN Security here.
UGN Security, Back of the Web, Elite Web Gamers & VNC Web Design Owner

Top
#33420 - 03/04/04 05:38 AM Re: Spoofed Mail Messages
§intå× Offline


*****

Registered: 12/03/02
Posts: 3255
Loc: Maryland
Okay, the jig is up. I will stop sending my trojan.... :~/
_________________________
My New site OpenEyes

Top
#33421 - 03/04/04 07:19 AM Re: Spoofed Mail Messages
Gremelin Offline

Community Owner
*****

Registered: 02/28/02
Posts: 7193
Loc: Portland, OR; USA
... Funny thing is, why the fuck would I send myself a message saying that I violated my own rules... lol...
_________________________
Donate to UGN Security here.
UGN Security, Back of the Web, Elite Web Gamers & VNC Web Design Owner

Top
#33422 - 03/04/04 09:22 PM Re: Spoofed Mail Messages
Ice Offline
UGN News Staff

Registered: 11/29/02
Posts: 1146
Loc: Canada
i've been recieving message like that in the past= )

Rule 1 = Never open a Zip in a e-mail lol
_________________________
Good artists copy, great artists
steal.

-Picasso

Top
#33423 - 03/05/04 12:47 AM Re: Spoofed Mail Messages
Digital Geek Offline
UGN Super Poster

Registered: 09/18/02
Posts: 553
Loc: Cluj-Napoca, Romania
You could open it while you're in linux.

Top
#33424 - 03/05/04 01:26 AM Re: Spoofed Mail Messages
Gremelin Offline

Community Owner
*****

Registered: 02/28/02
Posts: 7193
Loc: Portland, OR; USA
Quote:
Originally posted by Ice:
i've been recieving message like that in the past= )

Rule 1 = Never open a Zip in a e-mail lol
Unless you trust the person who it's from and know that they deliberatly sent it...

Quote:
Originally posted by Digital Geek:
You could open it while you're in linux.
2 issues with that, my linux box burnt out, and it's an exe...
_________________________
Donate to UGN Security here.
UGN Security, Back of the Web, Elite Web Gamers & VNC Web Design Owner

Top
#33425 - 03/20/04 03:06 AM Re: Spoofed Mail Messages
RCG8 Offline
Junior Member

Registered: 03/19/04
Posts: 1
Loc: California, USA
I was searching Google for information on "proxy-relay trojan server" and I found this thread.

I received one of these (with an attachment) from someone pretending to be from the management dept. at Yahoo.com. Here is what it read:

Quote:
Dear user of e-mail server "Yahoo.com",

Some of our clients complained about the spam (negative e-mail
content)
outgoing from your e-mail account. Probably, you have been infected by
a proxy-relay trojan server. In order to keep your computer safe,
follow the instructions.

Pay attention on attached file.

Have a good day,
The Yahoo.com team
http://www.yahoo.com
I did not open the attachment, of course. I sent it onto Yahoo, but I thought that perhaps others would like to know about this.

Some people do not think, they merely react, when they see an attachment from a source they believe is trusted.

Anyway, that's all that I wanted to say.

Top
#33426 - 03/20/04 03:35 AM Re: Spoofed Mail Messages
Gremelin Offline

Community Owner
*****

Registered: 02/28/02
Posts: 7193
Loc: Portland, OR; USA
My one sugguestion, virus scan everything; validate headers and be sure it's meant to be sent from the source.
_________________________
Donate to UGN Security here.
UGN Security, Back of the Web, Elite Web Gamers & VNC Web Design Owner

Top
#33427 - 03/20/04 04:06 PM Re: Spoofed Mail Messages
Spyrios Offline
UGN Member

Registered: 03/15/04
Posts: 419
Loc: VA
My wife just got the same form but it said it was from Cox. she called me in and said hey how do i open this thing even though NAV was flipping out,lol. we had a long discussion about security after that. i recommend everyone turn on email scanning, NAV just deletes it as it comes in to you inbox if it is a virus.
_________________________
D, world destruction
Over and overture
N, do I need
Apostrophe T, need this torture?-They Might Be Giants

Top
#33428 - 08/03/04 06:23 AM Re: Spoofed Mail Messages
Gremelin Offline

Community Owner
*****

Registered: 02/28/02
Posts: 7193
Loc: Portland, OR; USA
A new one; supposidly coming from noreply[at]undergroundnews[dot]com;
Subject: RETURNED MAIL: DATA FORMAT ERROR or RETURNED MAIL: SEE TRANSCRIPT FOR DETAILS
Quote:
Dear user of undergroundnews.com, administration of undergroundnews.com would
like to let you know that.

We have detected that your account was used to send a huge amount of spam
messages during this week.
Most likely your computer was infected and now runs a hidden proxy server.

Please follow our instruction in order to keep your computer safe.

Have a nice day,
The undergroundnews.com support team.
Note, that mail address doesn't work; and we don't have a "support team"...

Note that these emails are containing viruses; do not open them.

This users IP appears to be: 200.110.12.170 (pc.200.110.12.170.millicomperu.com.pe)
_________________________
Donate to UGN Security here.
UGN Security, Back of the Web, Elite Web Gamers & VNC Web Design Owner

Top
#33429 - 11/10/04 06:27 PM Re: Spoofed Mail Messages
drkmercinary Offline
Junior Member

Registered: 10/19/04
Posts: 16
Loc: http://www.muhs.edu/
I was sent one but the security system on our network computers deleted the file
You can use a racer program to find who is sending the emails I don't know the URL but of you google it there are tons of sites

Top
#33430 - 11/11/04 01:43 AM Re: Spoofed Mail Messages
Gremelin Offline

Community Owner
*****

Registered: 02/28/02
Posts: 7193
Loc: Portland, OR; USA
Not too hard to view the mail headers and report it to the ISP
_________________________
Donate to UGN Security here.
UGN Security, Back of the Web, Elite Web Gamers & VNC Web Design Owner

Top
#33431 - 11/14/04 11:31 PM Re: Spoofed Mail Messages
§intå× Offline


*****

Registered: 12/03/02
Posts: 3255
Loc: Maryland
_________________________
My New site OpenEyes

Top

Featured Member
Registered: 02/28/02
Posts: 7193
Forum Stats
2148 Members
46 Forums
35088 Topics
70258 Posts

Max Online: 1567 @ 04/25/10 05:20 AM
Top Posters
UGN Security 28250
Gremelin 7193
§intå× 3255
SilentRage 1273
Ice 1146
pergesu 1136
Infinite 1041
jonconley 955
Girlie 908
unreal 860
Newest Members
Tim050, Gecko666, defghi795767, Devo60, ali
2148 Registered Users
Who's Online
0 registered (), 446 Guests and 257 Spiders online.
Key: Admin, Global Mod, Mod
Latest News


Donate
  Get Firefox!
Get FireFox!