[Techtalk] Question about a virus risk

Carla Schroder carla at bratgrrl.com
Sun Jun 23 16:34:26 EST 2002 

On Sunday 23 June 2002 09:12 pm, E. Sterling Wall wrote:
> Hi,
>
> 	I know the basic tech behind viruses in general... Perhaps I should
> have worded my question a bit differently.
>
> 	 My question was actually more along the lines of "Is Kmail and/or
> Evolution vulnerable to the current variants of Klez that are all over
> the place?" I am aware that this particular virus is aimed specifically
> at Windows .exe files, which it infects by adding an extra paragraph to
> the end of the binaries, as well as creating its own .dll. The reason
> that I pointed out that I have no Windows but may have Wine is because I
> wondered if whatever klez uses to infect Window's exe's and create it's
> dll would be available to it because of wine and/or not available to it
> because I have no *real* MS apps on this machine. Does that make sense?
>
> 	I've gotten literally hundreds of klez-laden emails in the past month.
> The first ones came with attachments that didn't even show up in
> Evolution. The paperclip meaning "attachment here" was on the mail, but
> the mail itself was blank and there was no note or "open, save, ..."
> button for the attachment. More recent emails have had the attachment
> file showing up as plain text.
>
> 	I believe that the email that spontaneously opened up in Kmail had a
> klez-type virus attachment from the attachment title and type. It was
> similar to the one below (which i have only included the header and a
> first line for).
>

I've had strange Kmail behaviors since the tidal wave of triple-damned email 
viruses hit my mailbox. I finally set up Procmail to block all attachments. 

I don't allow HTML email - plain text only. But some .exes will still slip 
through. Evolution should have a 'view source' or similar option to reveal 
all the headers and nasty embedded codes. 

I've been planning to rebuild my system anyway, since Kmail is acting weird 
I'm going do it sooner. Folders have been marking everything as read, and the 
status icons- reply, sent, flagged, etc have all vanished. Your situation 
sounds scarier- shouldn't be self-executing messages.

I can't say conclusively that viruses are responsible for my Kmail weirdness, 
but it sure is a big coincidence. There's no reason any reasonably competent 
32-bit code would not have some cross-platform ability. 
-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Carla Schroder, Bratgrrl Computing
Plain English Spoken Here
www.bratgrrl.com
this message brought to you by Kmail,
on Red Hat Linux 7.2
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

More information about the Techtalk mailing list