[Techtalk] Question about a virus risk
E. Sterling Wall
sterling at sumgai.co.uk
Sun Jun 23 22:12:37 EST 2002
Hi,
I know the basic tech behind viruses in general... Perhaps I should
have worded my question a bit differently.
My question was actually more along the lines of "Is Kmail and/or
Evolution vulnerable to the current variants of Klez that are all over
the place?" I am aware that this particular virus is aimed specifically
at Windows .exe files, which it infects by adding an extra paragraph to
the end of the binaries, as well as creating its own .dll. The reason
that I pointed out that I have no Windows but may have Wine is because I
wondered if whatever klez uses to infect Window's exe's and create it's
dll would be available to it because of wine and/or not available to it
because I have no *real* MS apps on this machine. Does that make sense?
I've gotten literally hundreds of klez-laden emails in the past month.
The first ones came with attachments that didn't even show up in
Evolution. The paperclip meaning "attachment here" was on the mail, but
the mail itself was blank and there was no note or "open, save, ..."
button for the attachment. More recent emails have had the attachment
file showing up as plain text.
I believe that the email that spontaneously opened up in Kmail had a
klez-type virus attachment from the attachment title and type. It was
similar to the one below (which i have only included the header and a
first line for).
---->snip start<------
Content-Type: application/octet-stream;
name=ADSAdClient31[1].htm
Content-Transfer-Encoding: base64
Content-ID: <F2e1527WZ423BH6VRyh>
PGEgdGFyZ2V0PSJfdG9wIiBocmVmPSJodHRwOi8vYWRzLm1zbi5jb20vYWRzL2FkcmVkaXIu
---->snip end<--------
-- sterling
Sumgai Technology
http://www.sumgai.co.uk
p. 01628 780738
m. 07766 073235
More information about the Techtalk
mailing list