Your browser does not seem to support CSS. If images appear below, please disregard them.
It appears that you're running an Ad-Blocker. This site is monetized by Advertising and by User Donations; we ask that if you find this site helpful that you whitelist us in your Ad-Blocker, or make a Donation to help aid in operating costs.
Previous Thread
Next Thread
Print Thread
Rate This Thread
#33418 - 03/04/04 07:52 AM Spoofed Mail Messages  
Joined: Feb 2002
Posts: 7,195
Gremelin Offline
Community Owner
Gremelin  Offline

Community Owner

Joined: Feb 2002
Posts: 7,195
Likes: 3
Portland, OR; USA
I'd just like to remind everyone (who has them)) not to pay any attention to the spoofed mail messages being recieved at their UGN Security mail addresses.

Some of these messages are including an attachment which is most definatley a virus in every shape and form; note that if I ever do send you a message, it sures hell won't contain one ...

The following are some examples of what people may be recieving:

Message containing Virus name: [email protected]
Quote:
Dear user of e-mail server "Undergroundnews.com",

Some of our clients complained about the spam (negative e-mail content) outgoing from your e-mail account. Probably, you have been infected by a proxy-relay trojan server. In order to keep your computer safe, follow the instructions.

Advanced details can be found in attached file.

Kind regards,
The Undergroundnews.com team http://www.undergroundnews.com
I'm not sure what is contained in test.zip but I'm sures hell not going to open it.
Quote:
Dear user of e-mail server "Undergroundnews.com",

Some of our clients complained about the spam (negative e-mail content) outgoing from your e-mail account. Probably, you have been infected by a proxy-relay trojan server. In order to keep your computer safe, follow the instructions.

Please, read the attach for further details.

For security purposes the attached file is password protected. Password is "47206".

Cheers,
The Undergroundnews.com team http://www.undergroundnews.com
Ok, a few things if you recieve a message LIKE that from UGN.

1. I don't sign a message that way, comeon, it's UGN Security if anything.
2. If you spam from your account, you don't recieve a notice, it'll be deleted on the spot.
3. Who the hell opens a message that way?
4. "Some of our clients" clients? We have clients? since when?
5. Use common sense, if you see an attachment from a non existant email address, don't open the damn thing.


Donate to UGN Security here.
UGN Security, Back of the Web, and VNC Web Services Owner
Sponsored Links
#33419 - 03/04/04 08:42 AM Re: Spoofed Mail Messages  
Joined: Feb 2002
Posts: 7,195
Gremelin Offline
Community Owner
Gremelin  Offline

Community Owner

Joined: Feb 2002
Posts: 7,195
Likes: 3
Portland, OR; USA
Virus name: [email protected]
Quote:
Dear user of Undergroundnews.com gateway e-mail server,

Some of our clients complained about the spam (negative e-mail content) outgoing from your e-mail account. Probably, you have been infected by a proxy-relay trojan server. In order to keep your computer safe, follow the instructions.

For further details see the attach.

Best wishes,
The Undergroundnews.com team http://www.undergroundnews.com
Virus name: [email protected]
Quote:
Dear user of e-mail server "Undergroundnews.com",

Our main mailing server will be temporary unavaible for next two days,
to continue receiving mail in these days you have to configure our free auto-forwarding service.

Further details can be obtained from attached file.

Have a good day,
The Undergroundnews.com team http://www.undergroundnews.com


Donate to UGN Security here.
UGN Security, Back of the Web, and VNC Web Services Owner
#33420 - 03/04/04 10:38 AM Re: Spoofed Mail Messages  
Joined: Dec 2002
Posts: 3,255
§intå× Offline
§intå×  Offline


Joined: Dec 2002
Posts: 3,255
Likes: 1
Maryland
Okay, the jig is up. I will stop sending my trojan.... :~/

#33421 - 03/04/04 12:19 PM Re: Spoofed Mail Messages  
Joined: Feb 2002
Posts: 7,195
Gremelin Offline
Community Owner
Gremelin  Offline

Community Owner

Joined: Feb 2002
Posts: 7,195
Likes: 3
Portland, OR; USA
... Funny thing is, why the fuck would I send myself a message saying that I violated my own rules... lol...


Donate to UGN Security here.
UGN Security, Back of the Web, and VNC Web Services Owner
#33422 - 03/05/04 02:22 AM Re: Spoofed Mail Messages  
Joined: Nov 2002
Posts: 1,146
Ice Offline
UGN News Staff
Ice  Offline
UGN News Staff

Joined: Nov 2002
Posts: 1,146
Likes: 1
Canada
i've been recieving message like that in the past= )

Rule 1 = Never open a Zip in a e-mail lol


Good artists copy, great artists
steal.

-Picasso
Sponsored Links
#33423 - 03/05/04 05:47 AM Re: Spoofed Mail Messages  
Joined: Sep 2002
Posts: 553
Digital Geek Offline
UGN Super Poster
Digital Geek  Offline
UGN Super Poster

Joined: Sep 2002
Posts: 553
Cluj-Napoca, Romania
You could open it while you're in linux.

#33424 - 03/05/04 06:26 AM Re: Spoofed Mail Messages  
Joined: Feb 2002
Posts: 7,195
Gremelin Offline
Community Owner
Gremelin  Offline

Community Owner

Joined: Feb 2002
Posts: 7,195
Likes: 3
Portland, OR; USA
Quote:
Originally posted by Ice:
i've been recieving message like that in the past= )

Rule 1 = Never open a Zip in a e-mail lol
Unless you trust the person who it's from and know that they deliberatly sent it...

Quote:
Originally posted by Digital Geek:
You could open it while you're in linux.
2 issues with that, my linux box burnt out, and it's an exe...


Donate to UGN Security here.
UGN Security, Back of the Web, and VNC Web Services Owner
#33425 - 03/20/04 08:06 AM Re: Spoofed Mail Messages  
Joined: Mar 2004
Posts: 1
RCG8 Offline
Junior Member
RCG8  Offline
Junior Member

Joined: Mar 2004
Posts: 1
California, USA
I was searching Google for information on "proxy-relay trojan server" and I found this thread.

I received one of these (with an attachment) from someone pretending to be from the management dept. at Yahoo.com. Here is what it read:

Quote:
Dear user of e-mail server "Yahoo.com",

Some of our clients complained about the spam (negative e-mail
content)
outgoing from your e-mail account. Probably, you have been infected by
a proxy-relay trojan server. In order to keep your computer safe,
follow the instructions.

Pay attention on attached file.

Have a good day,
The Yahoo.com team
http://www.yahoo.com
I did not open the attachment, of course. I sent it onto Yahoo, but I thought that perhaps others would like to know about this.

Some people do not think, they merely react, when they see an attachment from a source they believe is trusted.

Anyway, that's all that I wanted to say.

#33426 - 03/20/04 08:35 AM Re: Spoofed Mail Messages  
Joined: Feb 2002
Posts: 7,195
Gremelin Offline
Community Owner
Gremelin  Offline

Community Owner

Joined: Feb 2002
Posts: 7,195
Likes: 3
Portland, OR; USA
My one sugguestion, virus scan everything; validate headers and be sure it's meant to be sent from the source.


Donate to UGN Security here.
UGN Security, Back of the Web, and VNC Web Services Owner
#33427 - 03/20/04 09:06 PM Re: Spoofed Mail Messages  
Joined: Mar 2004
Posts: 419
Spyrios Offline
UGN Member
Spyrios  Offline
UGN Member

Joined: Mar 2004
Posts: 419
VA
My wife just got the same form but it said it was from Cox. she called me in and said hey how do i open this thing even though NAV was flipping out,lol. we had a long discussion about security after that. i recommend everyone turn on email scanning, NAV just deletes it as it comes in to you inbox if it is a virus.


D, world destruction
Over and overture
N, do I need
Apostrophe T, need this torture?-They Might Be Giants
Sponsored Links
#33428 - 08/03/04 10:23 AM Re: Spoofed Mail Messages  
Joined: Feb 2002
Posts: 7,195
Gremelin Offline
Community Owner
Gremelin  Offline

Community Owner

Joined: Feb 2002
Posts: 7,195
Likes: 3
Portland, OR; USA
A new one; supposidly coming from noreply[at]undergroundnews[dot]com;
Subject: RETURNED MAIL: DATA FORMAT ERROR or RETURNED MAIL: SEE TRANSCRIPT FOR DETAILS
Quote:
Dear user of undergroundnews.com, administration of undergroundnews.com would
like to let you know that.

We have detected that your account was used to send a huge amount of spam
messages during this week.
Most likely your computer was infected and now runs a hidden proxy server.

Please follow our instruction in order to keep your computer safe.

Have a nice day,
The undergroundnews.com support team.
Note, that mail address doesn't work; and we don't have a "support team"...

Note that these emails are containing viruses; do not open them.

This users IP appears to be: 200.110.12.170 (pc.200.110.12.170.millicomperu.com.pe)


Donate to UGN Security here.
UGN Security, Back of the Web, and VNC Web Services Owner
#33429 - 11/10/04 11:27 PM Re: Spoofed Mail Messages  
Joined: Oct 2004
Posts: 16
drkmercinary Offline
Junior Member
drkmercinary  Offline
Junior Member

Joined: Oct 2004
Posts: 16
http://www.muhs.edu/
I was sent one but the security system on our network computers deleted the file
You can use a racer program to find who is sending the emails I don't know the URL but of you google it there are tons of sites

#33430 - 11/11/04 06:43 AM Re: Spoofed Mail Messages  
Joined: Feb 2002
Posts: 7,195
Gremelin Offline
Community Owner
Gremelin  Offline

Community Owner

Joined: Feb 2002
Posts: 7,195
Likes: 3
Portland, OR; USA
Not too hard to view the mail headers and report it to the ISP


Donate to UGN Security here.
UGN Security, Back of the Web, and VNC Web Services Owner
#33431 - 11/15/04 04:31 AM Re: Spoofed Mail Messages  
Joined: Dec 2002
Posts: 3,255
§intå× Offline
§intå×  Offline


Joined: Dec 2002
Posts: 3,255
Likes: 1
Maryland


Member Spotlight
Crime
Crime
SC, usa
Posts: 506
Joined: March 2002
Show All Member Profiles 
Forum Statistics
Forums45
Topics47,470
Posts82,640
Average Daily Posts7
Members2,159
Most Online1,567
Apr 25th, 2010
Latest Postings
Top Posters(All Time)
UGN Security 40,634
Gremelin 7,195
§intå× 3,255
SilentRage 1,273
Ice 1,146
pergesu 1,136
Infinite 1,041
jonconley 955
Girlie 908
unreal 860
Top Liked Users (All Time)
§intå× Likes: 1
Cold Sunn Likes: 1
Crime Likes: 1
Cyrez Likes: 1
Ghost Likes: 1
Gremelin Likes: 4
Ice Likes: 1
unreal Likes: 1
Top Liked Users (30 Days)
No Data Found
Powered by UBB.threads™ PHP Forum Software 7.6.0
(Snapshot build 20160902)