Welcome to P2PNET.net - The original daily p2p and digital news site. Always First!
Register | Login
RIAA News
Cool Stuff
MPAA News
Games / Consoles
News
Music
Movies
TV
Open Source
Mobiles
Advertising
Product News
P2P
Off Topic
Freedom
Politics
Interviews
Security
DRM
Links
Kids and Kartels
Search: 
Search
 
Web P2PNET   
   Search: 
Search
Torrent Site Tracker
TekSavvy
 
Add real-time p2pnet headlines to YOUR site ! Click here to download our newsfeed code

Zafi.B: newest e-worm threat

p2pnet.net News:- It’s out there and it’s hungry – the Zafi.B worm that, as we reported yesterday, is causing major problems.

Among other things, it has a .pif attachment telling anyone who makes the mistake of opening it, "Don’t worry be happy."

But, Do Worry. Don’t be happy. Because Zafi.B, the latest rendition of Hungary’s Zafi.A and Erkez, among other names,will shanghai your email application.

And it has a fondness for p2p applications.

The latest version of Zafi.B has a message box reading, "We demand the government accommodates the homeless, tightens up the penal code and VOTES FOR THE DEATH PENALTY to cut down the increasing crime," says WebUser here.

F-Secure has issued a level 2 alert and, F-Secure product manager warns Mikael Albrecht, "This worm is tricky, as it has a feature that can close down firewalls and antivirus programs in order to help itself spread further. But that’s not all.

"Another interesting thing about this worm is that the infected messages come in many different languages. As most of the widely spread worms use only English, this feature may confuse the user to open the message – and the worm spreads on."

As an example an email message sent by Zafi.B may look like this, says F-Secure:

Sender: Jennifer
Subject: eYou`ve got 1 VoiceMessage!
Attachment:
"link.voicemessage.com.listen.index.php1Ab2c.pif"
Message body:

Dear Customer!
You`ve got 1 VoiceMessage from voicemessage.com website!
You can listen your Virtual VoiceMessage at the following link:
http://virt.voicemessage.com/index.listen.php2=35affv or by clicking the attached link.
Send VoiceMessage! Try our new virtual VoiceMessage Empire!
Best regards: SNAF.Team (R).

This entry was posted on Tuesday, June 15th, 2004 at 3:26 pm and is filed under Uncategorized. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

HOME

Viewed 2151 times

« previous Windows XP SP2 update
New mobile bug likes Bluetooth next »

One Response to “Zafi.B: newest e-worm threat”

  1. Reader's Write Says:
    June 15th, 2004 at 4:40 pm

    Like all other worms and viruses and other stuff that destroy the system it explits the major flaw in the OS: opportunity to start
    a program without a permition of the user and opportunity to record
    on the harddrive without the permition of the user. Both features can be inplemented if the consumers demanded it.

  2. Reader's Write Says:
    June 15th, 2004 at 4:49 pm

    thanks youvery much for the warning…mrs reddy,india

  3. Reader's Write Says:
    June 15th, 2004 at 5:05 pm

    This only goes to show that you should never open suspicious attachments, particularly those with .pif extensions!

    Does this particular Worm open automatically if you just point to the email message, as in Auto Preview, or do you have to open the attachment? If you have to manually open the attachment, stay away!

  4. Reader's Write Says:
    June 15th, 2004 at 5:32 pm

    wie cud allso emplement corekt speling iff wie wer smaart enoph tu reed aa dikshunary!

  5. Reader's Write Says:
    June 15th, 2004 at 5:38 pm

    Got spelchek?

  6. Reader's Write Says:
    June 15th, 2004 at 5:47 pm

    p2pnet never EVER has typos. And we NVer mis-type, use bd grammer, like, or make speeling mistaks,

  7. Reader's Write Says:
    June 15th, 2004 at 6:19 pm

    wee isn’t igerant bumpkins dat kneeds goodly speling wurdz.

  8. Reader's Write Says:
    June 15th, 2004 at 6:30 pm

    And like all other worms and viruses, it only affects Windoze machines. Oh well.

  9. Reader's Write Says:
    June 15th, 2004 at 7:04 pm

    Like there are no virus and worms for Mac or Linux.

    There is no virus for the TRS-80 Model 1. Does that make it better?

    How about GameBoy?

    If you are going to exploit, you exploit the one with the major market share. You don’t waste your time with the small stuff.

  10. Reader's Write Says:
    June 15th, 2004 at 7:09 pm

    And like nearly all other worms and viruses, it only affects moronic users who open attachments when they don’t know what they are. These same people will gladly run “vmail.bin” or “vmail.sh”

  11. Reader's Write Says:
    June 15th, 2004 at 7:26 pm

    I would…I’m a windoze user and wouldn’t know the difference, when it comes to the linux/unix/which other flavor you want to pick i don’t know up from down. sad thing..i run a network and really haven’t a clue. i guess i’m envious because the redhatters seem to be able to really get the stuff done….but i do strip the pifs from coming in. just cant tell how to close my open relay…hmm…

  12. Reader's Write Says:
    June 15th, 2004 at 7:38 pm

    major flaw in OS, lol… it is possible for a non authorized user to get into and drive away your car, if they TRY HARD enough, and RISK punishment for crime.

  13. Reader's Write Says:
    June 15th, 2004 at 8:22 pm

    BLOCK PIF’S. BLOCK FREE MAIL SITES. SAVE YOUR COMPANY SOME TROUBLE.

  14. Reader's Write Says:
    June 16th, 2004 at 9:35 pm

    And for God’s sake, DON’T bounce the emails back!

    That’s just more traffic going to an email account that doesn’t exist, or isn’t aware that it’s compromised. We all suffer that way.

Leave a Reply

Please no Spam, flaming (attacking others), trolling, and posting off-topic. Thanks.

    Advertisements
MP3Rocket


Remove Spyware with AntiSpyware for Windows®