Today I’m going to do something different. Yes, I’m also going to do something different on the blog. I’d like to welcome my cohort in linux, Art Alexion. He had a very interesting experience recently and I insisted on having him write it down. It starts when he used Google to find out how to unpack a file.
So, I tried the second link. This is a link to
GIF that was purporting to do a scan of my EXEs and DLLs (ha ha).
Next it used a layer to present a very convincing looking WinXP dialog with ‘Microsoft Windows’ in the title bar showing me the viruses it found and asking me to install. Of course, no matter where I clicked on it, it tried to install its nefarious payload.
I expected it to just fail, but our Sonic Wall blocked it before incompatibility with Linux did.
If you have ever been called on to help friends or users infected with this thing, it is fun to see how they got it, from a safe distance.
Name: Aennova M Decisionware
Address: Rua Maestro Cardim 1101 cj. 112
City: Sgo Paulo
Postal Code: 01323
Current Registrar: TODAYNIC.COM, INC.
IP Address: 126.96.36.199 (ARIN & RIPE IP search)
IP Location: UK(UNITED KINGDOM)
Lock Status: clientTransferProhibited
DMOZ no listings
Y! Directory: see listings
Data as of: 14-Jun-2005
Yet another great reason to run linux.