Your browser does not seem to support CSS. If images appear below, please disregard them.
It appears that you're running an Ad-Blocker. This site is monetized by Advertising and by ">User Donations; we ask that if you find this site helpful that you whitelist us in your Ad-Blocker, or make a ">Donation to help aid in operating costs.
Previous Thread
Next Thread
Print Thread
Rate This Thread
#33418 - 03/04/04 07:52 AM Spoofed Mail Messages  
Joined: Feb 2002
Posts: 7,198
Gremelin Offline
Community Owner
Gremelin  Offline

Community Owner

Joined: Feb 2002
Posts: 7,198
Likes: 11
Portland, OR; USA
I'd just like to remind everyone (who has them)) not to pay any attention to the spoofed mail messages being recieved at their UGN Security mail addresses.

Some of these messages are including an attachment which is most definatley a virus in every shape and form; note that if I ever do send you a message, it sures hell won't contain one wink ...

The following are some examples of what people may be recieving:

Message containing Virus name: [email protected]
Quote:
Dear user of e-mail server "Undergroundnews.com",

Some of our clients complained about the spam (negative e-mail content) outgoing from your e-mail account. Probably, you have been infected by a proxy-relay trojan server. In order to keep your computer safe, follow the instructions.

Advanced details can be found in attached file.

Kind regards,
The Undergroundnews.com team http://www.undergroundnews.com
I'm not sure what is contained in test.zip but I'm sures hell not going to open it.
Quote:
Dear user of e-mail server "Undergroundnews.com",

Some of our clients complained about the spam (negative e-mail content) outgoing from your e-mail account. Probably, you have been infected by a proxy-relay trojan server. In order to keep your computer safe, follow the instructions.

Please, read the attach for further details.

For security purposes the attached file is password protected. Password is "47206".

Cheers,
The Undergroundnews.com team http://www.undergroundnews.com
Ok, a few things if you recieve a message LIKE that from UGN.

1. I don't sign a message that way, comeon, it's UGN Security if anything.
2. If you spam from your account, you don't recieve a notice, it'll be deleted on the spot.
3. Who the hell opens a message that way?
4. "Some of our clients" clients? We have clients? since when?
5. Use common sense, if you see an attachment from a non existant email address, don't open the damn thing.


Donate to UGN Security here.
UGN Security, Back of the Web, and VNC Web Services Owner
Sponsored Links
#33419 - 03/04/04 08:42 AM Re: Spoofed Mail Messages  
Joined: Feb 2002
Posts: 7,198
Gremelin Offline
Community Owner
Gremelin  Offline

Community Owner

Joined: Feb 2002
Posts: 7,198
Likes: 11
Portland, OR; USA
Virus name: [email protected]
Quote:
Dear user of Undergroundnews.com gateway e-mail server,

Some of our clients complained about the spam (negative e-mail content) outgoing from your e-mail account. Probably, you have been infected by a proxy-relay trojan server. In order to keep your computer safe, follow the instructions.

For further details see the attach.

Best wishes,
The Undergroundnews.com team http://www.undergroundnews.com
Virus name: [email protected]
Quote:
Dear user of e-mail server "Undergroundnews.com",

Our main mailing server will be temporary unavaible for next two days,
to continue receiving mail in these days you have to configure our free auto-forwarding service.

Further details can be obtained from attached file.

Have a good day,
The Undergroundnews.com team http://www.undergroundnews.com


Donate to UGN Security here.
UGN Security, Back of the Web, and VNC Web Services Owner
#33420 - 03/04/04 10:38 AM Re: Spoofed Mail Messages  
Joined: Dec 2002
Posts: 3,255
§intå× Offline
§intå×  Offline


Joined: Dec 2002
Posts: 3,255
Likes: 3
Maryland
Okay, the jig is up. I will stop sending my trojan.... :~/

#33421 - 03/04/04 12:19 PM Re: Spoofed Mail Messages  
Joined: Feb 2002
Posts: 7,198
Gremelin Offline
Community Owner
Gremelin  Offline

Community Owner

Joined: Feb 2002
Posts: 7,198
Likes: 11
Portland, OR; USA
wink ... Funny thing is, why the [censored] would I send myself a message saying that I violated my own rules... lol...


Donate to UGN Security here.
UGN Security, Back of the Web, and VNC Web Services Owner
#33422 - 03/05/04 02:22 AM Re: Spoofed Mail Messages  
Joined: Nov 2002
Posts: 1,146
Ice Offline
UGN News Staff
Ice  Offline
UGN News Staff

Joined: Nov 2002
Posts: 1,146
Likes: 1
Canada
i've been recieving message like that in the past= )

Rule 1 = Never open a Zip in a e-mail lol


Good artists copy, great artists
steal.

-Picasso
Sponsored Links
#33423 - 03/05/04 05:47 AM Re: Spoofed Mail Messages  
Joined: Sep 2002
Posts: 553
Digital Geek Offline
UGN Super Poster
Digital Geek  Offline
UGN Super Poster

Joined: Sep 2002
Posts: 553
Cluj-Napoca, Romania
You could open it while you're in linux. smile

#33424 - 03/05/04 06:26 AM Re: Spoofed Mail Messages  
Joined: Feb 2002
Posts: 7,198
Gremelin Offline
Community Owner
Gremelin  Offline

Community Owner

Joined: Feb 2002
Posts: 7,198
Likes: 11
Portland, OR; USA
Quote:
Originally posted by Ice:
i've been recieving message like that in the past= )

Rule 1 = Never open a Zip in a e-mail lol
Unless you trust the person who it's from and know that they deliberatly sent it...

Quote:
Originally posted by Digital Geek:
You could open it while you're in linux. smile
2 issues with that, my linux box burnt out, and it's an exe...


Donate to UGN Security here.
UGN Security, Back of the Web, and VNC Web Services Owner
#33425 - 03/20/04 08:06 AM Re: Spoofed Mail Messages  
Joined: Mar 2004
Posts: 1
RCG8 Offline
Junior Member
RCG8  Offline
Junior Member

Joined: Mar 2004
Posts: 1
California, USA
I was searching Google for information on "proxy-relay trojan server" and I found this thread.

I received one of these (with an attachment) from someone pretending to be from the management dept. at Yahoo.com. Here is what it read:

Quote:
Dear user of e-mail server "Yahoo.com",

Some of our clients complained about the spam (negative e-mail
content)
outgoing from your e-mail account. Probably, you have been infected by
a proxy-relay trojan server. In order to keep your computer safe,
follow the instructions.

Pay attention on attached file.

Have a good day,
The Yahoo.com team
http://www.yahoo.com
I did not open the attachment, of course. I sent it onto Yahoo, but I thought that perhaps others would like to know about this.

Some people do not think, they merely react, when they see an attachment from a source they believe is trusted.

Anyway, that's all that I wanted to say.

#33426 - 03/20/04 08:35 AM Re: Spoofed Mail Messages  
Joined: Feb 2002
Posts: 7,198
Gremelin Offline
Community Owner
Gremelin  Offline

Community Owner

Joined: Feb 2002
Posts: 7,198
Likes: 11
Portland, OR; USA
My one sugguestion, virus scan everything; validate headers and be sure it's meant to be sent from the source.


Donate to UGN Security here.
UGN Security, Back of the Web, and VNC Web Services Owner
#33427 - 03/20/04 09:06 PM Re: Spoofed Mail Messages  
Joined: Mar 2004
Posts: 419
Spyrios Offline
UGN Member
Spyrios  Offline
UGN Member

Joined: Mar 2004
Posts: 419
VA
My wife just got the same form but it said it was from Cox. she called me in and said hey how do i open this thing even though NAV was flipping out,lol. we had a long discussion about security after that. i recommend everyone turn on email scanning, NAV just deletes it as it comes in to you inbox if it is a virus.


D, world destruction
Over and overture
N, do I need
Apostrophe T, need this torture?-They Might Be Giants
Sponsored Links
#33428 - 08/03/04 10:23 AM Re: Spoofed Mail Messages  
Joined: Feb 2002
Posts: 7,198
Gremelin Offline
Community Owner
Gremelin  Offline

Community Owner

Joined: Feb 2002
Posts: 7,198
Likes: 11
Portland, OR; USA
A new one; supposidly coming from noreply[at]undergroundnews[dot]com;
Subject: RETURNED MAIL: DATA FORMAT ERROR or RETURNED MAIL: SEE TRANSCRIPT FOR DETAILS
Quote:
Dear user of undergroundnews.com, administration of undergroundnews.com would
like to let you know that.

We have detected that your account was used to send a huge amount of spam
messages during this week.
Most likely your computer was infected and now runs a hidden proxy server.

Please follow our instruction in order to keep your computer safe.

Have a nice day,
The undergroundnews.com support team.
Note, that mail address doesn't work; and we don't have a "support team"...

Note that these emails are containing viruses; do not open them.

This users IP appears to be: 200.110.12.170 (pc.200.110.12.170.millicomperu.com.pe)


Donate to UGN Security here.
UGN Security, Back of the Web, and VNC Web Services Owner
#33429 - 11/10/04 11:27 PM Re: Spoofed Mail Messages  
Joined: Oct 2004
Posts: 16
drkmercinary Offline
Junior Member
drkmercinary  Offline
Junior Member

Joined: Oct 2004
Posts: 16
http://www.muhs.edu/
I was sent one but the security system on our network computers deleted the file
You can use a racer program to find who is sending the emails I don't know the URL but of you google it there are tons of sites

#33430 - 11/11/04 06:43 AM Re: Spoofed Mail Messages  
Joined: Feb 2002
Posts: 7,198
Gremelin Offline
Community Owner
Gremelin  Offline

Community Owner

Joined: Feb 2002
Posts: 7,198
Likes: 11
Portland, OR; USA
Not too hard to view the mail headers and report it to the ISP wink


Donate to UGN Security here.
UGN Security, Back of the Web, and VNC Web Services Owner
#33431 - 11/15/04 04:31 AM Re: Spoofed Mail Messages  
Joined: Dec 2002
Posts: 3,255
§intå× Offline
§intå×  Offline


Joined: Dec 2002
Posts: 3,255
Likes: 3
Maryland


Member Spotlight
Crime
Crime
SC, usa
Posts: 506
Joined: March 2002
Show All Member Profiles 
Forum Statistics
Forums45
Topics33,918
Posts69,060
Members2,165
Average Daily Posts3
Members2,165
Most Online1,567
Apr 25th, 2010
Latest Postings
There is not any party like an arm party
by bagful on 04/27/17 06:26 AM
The innovative concept keep
by bagful on 04/27/17 06:25 AM
The Nike Blazer Studio Mid Decon
by bagful on 04/27/17 06:24 AM
a fresh white enhance midsole device
by bagful on 04/27/17 06:23 AM
shopping for jewelry with something above
by mikejoey on 04/12/17 08:01 AM
PANDORA North The usa
by mikejoey on 04/12/17 07:38 AM
Pandora’s birthstone products will always
by mikejoey on 04/12/17 07:14 AM
the newest Pandora necklaces crafting facility
by mikejoey on 04/12/17 06:53 AM
an Air Jordan 4 by Off White is in
by mikejoey on 04/12/17 06:35 AM
belonging to the adidas NMD XR1
by mikejoey on 04/12/17 05:50 AM
Top Posters(All Time)
UGN Security 41,138
Gremelin 7,198
§intå× 3,255
SilentRage 1,273
Ice 1,146
pergesu 1,136
Infinite 1,041
jonconley 955
Girlie 908
unreal 860
Top Liked Users (All Time)
§intå× Likes: 3
Black Beard Likes: 1
Cold Sunn Likes: 1
Crime Likes: 1
Cyrez Likes: 1
fleshwound Likes: 1
Ghost Likes: 2
Gremelin Likes: 12
Ice Likes: 1
ninjaneo Likes: 1
Top Liked Users (30 Days)
No Data Found
Powered by UBB.threads™ PHP Forum Software 7.6.0
(Snapshot build 20170206)