I think the majority of us know about this, but for those who don't, I thought I'd make a topic for it.

We determined in that Saturday IRC chat that there's an e-mail virus going around that masks itself as various forum members. So far I've gotten 3, supposedly from Kira and PHJ. The e-mails usually say stuff like, "Re: Hi" "Msg Reply" or "Forum notice", and have an attachment. DON'T OPEN THESE! They're NOT from forum members, and are just an evil virus waiting to be unleashed on your computer. :evil:

So, to recap. If you get an e-mail from a forum member, either ask the person if they sent it, or delete it!

So, there's your warning. Viruses are bad. Rawr. :evil:

Well, that doesn't sound good. Thanks for the warning, Fuyu.

is it one of those attachments that are 26kb big and have the extension .zlo?

I usually don't open them :wink:

.zlo

"zloty"? :?




;)

.zlo

"zloty"? :?




;)

hehe may be :D

but I guess it is some e-mail-program-internal-file-thingy
I dunno
as I said I never opened one
but I heard from someone who did, that his computer blue-screened and a couple of files were missing and so on :wink:

I don't know what the attachment was, I didn't open it. :roll:

Actually, I've been meaning to say something about this.

During the last 10 days or so, I received messages which look like they're from PHJ, cat and Derek, with titles like "change" or "notification". Due to the recent "upgrade" of Yahoo Mail, which now usually causes my system to freeze whenever I attempt access, I haven't been able to actually open any except one -- a message ostensibly from PHJ consisting of the text "toy.scr" and an attachment in which Yahoo scan detects a Beagle virus.

I'd been wondering why I suddenly started receiving emails from y'all and was hoping I hadn't done something wrong.

I've been getting them too, I had one "from" Zeke! But realised it was a virus and deleted it. Any clue where these are coming from? I hardly think it's a coincidence.

"zloty"? :?

The Polish currency? Somehow I doubt it. ;)

you can make up any extension you want

you only have to make sure that the extension is somehow executive.....

now you say it.....I doubt that is mean zloty too. :wink:

I've gotten several of these, but they were in my bulk box, plus I didn't recognize the sender, so I deleted them. I figured it was a virus once I saw several of these.

I haven't been getting any of those, actually. In what way do they look like they're coming from forumgoers?

I haven't been getting any of those, actually. In what way do they look like they're coming from forumgoers?

The name of the sender is a forum-goer. For instance, yesterday I got one from "Pointyhairedjedi" :P

Well, that's obviously fake then.

*Looks around shiftily*

Well, that's obviously fake then.

*Looks around shiftily*

LOL, I should hope so. Or else I might create a nice thwapping object just for the sole purpose of thwapping you. :lol:

I just got one from Neo, under the name Taybar 19. It had the subject "protected message" and appered to be carrying multiple attachments. :?

LOL, I should hope so. Or else I might create a nice thwapping object just for the sole purpose of thwapping you. :lol:

You mean you don't already? :shock:

LOL, I should hope so. Or else I might create a nice thwapping object just for the sole purpose of thwapping you. :lol:

You mean you don't already? :shock:

Not yet.

Maybe it can be the Super Quick Posting Power Inflatable Squeaky Hammer of Thwapping.

You'll never be able to remember the name, therefore you'll never see it coming until it's too late... Muahaha... :3

I`ve been getting those too! Supposedly from Zeke, Kira, Marc... And Marc told me he got one from me... Weird. Evil viruses.


BTW, about the attachment .zlo... "Zlo" means "Evil" in Croatian, :twisted: How dubious...

I just got one from Neo, under the name Taybar 19. It had the subject "protected message" and appered to be carrying multiple attachments. :?

Yep, that's my other username

Maybe it can be the Super Quick Posting Power Inflatable Squeaky Hammer of Thwapping. The SQuiPPISHT? :shock: Horrors!

I just got one from "Tayawhitestar"
is that one of the forumgoers?

well, but my email provider erased the annex with the virus Worm.Bagle.Gen-zippwd but informed me that it was there...

@ nic: that might be the best extension for a file that is carrying a virus "evil"

I just got one from "Tayawhitestar"

Oooo, sneaky (that would be taya17 btw)

Yeah that's 17... So they don't all list us as our usernames, hm? So now I wonder, do they go around by multiple names per forumgoer? Not that it really matters... I'm just curious.

They appear to be using IM names, at least when possible ;)

So you think you are safe because you do not use IM?

I also got 2 from "aozm" infected with Virus "Worm.Bagle.Z"

is that a member of the forum too?

Not that I know.

Who doesn't use IM?

So you think you are safe because you do not use IM?

No, I mean they're putting IM names in the subject line or sender line or whatever if such names are available. For whatever reason :?

Who doesn't use IM?I've never used it, but I have received several of these infected emails, all with regular email addresses. I'm thinking a spybot may be picking them up off the email buttons found at the bottom of each post.

I also got 2 from "aozm" infected with Virus "Worm.Bagle.Z"

is that a member of the forum too?

aozm is me, it's part of my email address is use for msn. Stranger and stranger...

^ Got one of those this morning.

does anybody know "Saberlime"?

got a mail "forum notify"

infected with Virus "Worm.Bagle.Gen-zippwd" again

I've actually yet to get one of these. Very strange.

does anybody know "Saberlime"?

got a mail "forum notify"

infected with Virus "Worm.Bagle.Gen-zippwd" again

Gah! Noooo, that's the beginning of my e-mail! T_T

Got another one this morning from "Azom" or something like that... :/

That's FREAKY.

I haven't gotten any of those, truthfully... for which I am thankful. But then again, neither of the three email addresses I use regularly are associated with this board; I haven't yet checked the one which is.

If someone, or something is hacking into the board databases I think we oughta let someone on the PhpBB admin know about it. It's scary.

A while back, I got a few bounced messages from Zeke, but none directed at me.

I highly doubt anybody's hacking into the database. More likely, they're just collecting the emails from everybody's profiles.

Kinda ironic it happened when the boards changed for "added security" :wink: ...wonder what's going on. Evilness... :evil:

We're all going to die! *screams and runs around in a circle*

I think it's time we implemented some of our "protect your planet" procedures. :wink:

Ok, now i keep getting them from kal-el. :evil: Any takers? :wink:

got two more from "saberlime"

got two more from "saberlime"

*sniffs* Cheeky... bastards. *shakes fist*

you are a very diligent mailer aren't you? :twisted:

you are a very diligent mailer aren't you? :twisted:

It would be REALLY funny if I got one of those. :twisted: Dilligent indeed.

Ok, now i keep getting them from kal-el. :evil: Any takers? :wink:

GASP! That`s my address! :evil: :evil: :evil:

Hmmm, I haven`t gotten one of those for quite some time now. Thankfully...

Ok, now i keep getting them from kal-el. :evil: Any takers? :wink:

GASP! That`s my address! :evil: :evil: :evil:

Hmmm, I haven`t gotten one of those for quite some time now. Thankfully...

Meh, I keep getting the Aozm ones. >_< Is anything going to be done about this? X_x

Is anything going to be done about this? X_x

Don't know, really. When you started this thread, I kinda got the impression that everyone but me knew about it already (from chat, I'm guessing) and I supposed that included Zeke. I've been wrong before, though.

Funny, I haven't gotten anything. I guess i'm just not special enough to get viruses in my email. Just like no one ever offered me drugs in high school! I felt so left out! :cry:

Meh, I keep getting the Aozm ones. >_<

Still me! *waves* and adding to the collection I got one from Kira this morning :?

I've had several emails from Draknek now. They all say RE: Site Changes, but there's no text, only an attachment that has a virus in it.

VIRUS! Where?
*shoots randomly*

Oh, e-mail virus.

I haven't gotten anything. Am I not special, or is because I use hotmail?

EDIT: Or is it just the people who do not display their e-mail addresses on their posts who don't get anything? I'm not sure whether I used my e-mail for my MSN Messenger thingie, though...

EDIT: Or is it just the people who do not display their e-mail addresses on their posts who don't get anything? I'm not sure whether I used my e-mail for my MSN Messenger thingie, though...
Nope. I didn't get anything either.

well then I have to send you some too...


OHHH
have I thought this or have I said this???

*hides under desk*

Hey look people! Did you hear that? We have found our spammer. :wink:

Hey look people! Did you hear that? We have found our spammer. :wink:Mm hmmm. Several of those I received, including the last, had your name on them. :twisted:

Well, ehm, did you delete them yet?

*Sees mudshark nodding*

No they didn't! :roll:

it keeps on going

just got one from taybar again

Yeah. It seemed be getting quieter, but then I got two more, yesterday or day before. These were bigger, too; where they had been filesize 27-33Mb, the last two were 50 and 100 Mb. One of them was pretending to be a Mail Delivery System bounceback.

what mailbox do you have when you can receive mails with several megabytes..... :wink:

got another one from "Hotaruchan"

they are altering the virusses now
the last before that was "Virus: Worm.Bagle.Gen-vbs"
now it is "Virus: Worm.Bagle.Gen-zippwd"

they are trying everything

Got one from "DanielDoof" this morning. :P The weird thing was this one came to my Inbox... all the other ones went to my Bulk folder. *sigh*

Got one from "DanielDoof" this morning. :P The weird thing was this one came to my Inbox... all the other ones went to my Bulk folder. *sigh*


HAHA it works

*looks around and sees someone coming*
oh now I am scared too

I really do not know what is going on here
it doesn't happen in my other forum :?

I got one from NAH this morning, using the same email that he used for that quiz thingy. This is only the second one that's landed in my in box, there may have been more that landed in the bulk box, but i don't check that unless i don' t receve an email i'm expecting.

Looks like it's the Beagle (http://securityresponse.symantec.com/avcenter/venc/data/w32.beagle.h@mm.html) virus :?

Beagle, eh?

Bad dog! *gets out a rolled up news paper.*

You guys must have all your email addys in your adress book, and then someone got the virus and it started sending out random emails to everyone in your list, then those people sent more emails, and the thing snowballed.

Looks like it's the Beagle (http://securityresponse.symantec.com/avcenter/venc/data/w32.beagle.h@mm.html) virus :?As I stated on 3 August. ;)

^Indeed. But no handy link to go with it then ;)

it doesn't stop

who of you is real
with the address real_skywalker?

got one from you :wink:

That would be me.

*Looks shifty*

I haven't recieved any of these e-mails. I also don't think that they're related to your address book, because I haven't gotten any, but people have recieved some from me. I'm Hotaruchan, btw. So, I don't know why I don't have any...

Me neither. I find this very strange. Especially as I receive about a dozen spam e-mails a day anyway. :roll:

I haven't gotten any more since the half a dozen from draknek. though i have started getting realestate and get rich quick schemes for no apparent reason. they're from 'kiteflyinover' though. anyone?

Doesn't sound familiar...

Got a really weird one from mark@scifiguy.net

acudadxdri.gif (2286 bytes) [View] [Open] [Save As]
Joke.zip (22464 bytes) [View] [Open] [Save As]
Mime.822 (35057 bytes) [View] [Save As]

and the message:
Archive password: [weird not-working piccy(you know, one of those boxes with a red cross)]

the joke.zip says:

Contents of 412ba926.CMC

zehokyl.exe
jliklp.vid


and the other thingy is a website counter.

but the strange thing is, i don't think it's a virus because i can't open it (yes, I tried - stupid, I know)

That would be Scooter then, right?

That it would.

got one from aozm again

also got a "Mail delivery failed: returning message to sender"
that is very weird

the mail apparently went out from "my" email address to xeroc

we have to find the one sending those mails
its getting on my nerves now

I seem to be getting them only when I get e-mail in my Inbox now. It's... getting weirder. Not only that, but when I do get them, they come in droves. X_x I'm getting 4 or 5 at a time now. >_<

I used to get those, and I'd be people I wouldn't even know, which made me think that some spam was being routed throguh my account. So, I just blocked the adressee, changed my password and layed low for a few days - then I unblocked the return to sender address - and everything was peachy.


I don't know if any of that helps, or is ever relevant. But, um, there you have it then.

I finally saw those spam mails; apparently they were going into the Bulk Mail folder of the Yahoo! account I only check once a month anyway. They were from "Enterprise" and MmeBlueberry.

Since I was on a school computer I decided to be :twisted: and clicked on the "Scan and Download Attachment" link. Yep, there be a virus alright... both mails contained versions of the Beagle virus.

What the HELL that Porthos is doing to our fora, I have no idea. We'll get that AIBO someday, I swear!

I finally saw those spam mails; apparently they were going into the Bulk Mail folder of the Yahoo! account I only check once a month anyway. They were from "Enterprise" and MmeBlueberry.

Since I was on a school computer I decided to be :twisted: and clicked on the "Scan and Download Attachment" link. Yep, there be a virus alright... both mails contained versions of the Beagle virus.

What the HELL that Porthos is doing to our fora, I have no idea. We'll get that AIBO someday, I swear!

Hehe, I'm tempted to do that when I get back to school.

Actually. No I'm not. The last time we were flooded with viruses was last year in graphic design. I barely got my stuff done. So never mind. X_x

Got another two from mark@scifiguy.net
I opened them (I was at school) and nothing happened for ten minutes, until suddenly no internet sites would load - instead getting directed to a search site that kept refreshing every half-second.

These ones were Bagel viruses. Yes, Bagel. I have been attacked by a bagel worm, according to the computer. At least it wasn't HALF a bagel worm.

Indeed, because there's nothing worse than finding half a worm in your bagel.

Or something.