Author Topic: OK who's sending the virus?  (Read 9420 times)

Offline rickg22

  • Lives here!
  • ****
  • Posts: 2283
OK who's sending the virus?
« on: March 03, 2006, 05:49:51 pm »
Guys, i've recently been receiving e-mails infected with the W32/Nyxem-D virus (attachments are "winzip.bhx") by someone who has the codeblocks.org in their address book. The virus uses its own e-mail server, so the infected user is unaware that he's sending the e-mails.

(See http://securityresponse.symantec.com/avcenter/venc/data/pf/w32.blackmal.e@mm.html for more info)

Please scan your computers everyone (specially the devs). Thank you.

Update: Last e-mail was sent from 201.25.209.76, which resides in mexico city (no, it's not me, I checked).
« Last Edit: March 03, 2006, 05:51:50 pm by rickg22 »

Offline thomas

  • Administrator
  • Lives here!
  • *****
  • Posts: 3979
Re: OK who's sending the virus?
« Reply #1 on: March 03, 2006, 06:09:31 pm »
Actually 201.25.0.0-201.25.1.255 is Brasil Telecom, unlikely this is Mexico City... :)

That could be SolidNuts.
"We should forget about small efficiencies, say about 97% of the time: Premature quotation is the root of public humiliation."

Offline rickg22

  • Lives here!
  • ****
  • Posts: 2283
Re: OK who's sending the virus?
« Reply #2 on: March 03, 2006, 10:39:05 pm »
Yes, you're right, it's Brazilia. I got confused somehow.

Anyway who?

Offline rickg22

  • Lives here!
  • ****
  • Posts: 2283
Re: OK who's sending the virus?
« Reply #3 on: March 03, 2006, 11:41:04 pm »
No it's not solidnuts, i PM'ed him and his ip is other. I guess we can only wait until the problem fades :(

Offline thomas

  • Administrator
  • Lives here!
  • *****
  • Posts: 3979
Re: OK who's sending the virus?
« Reply #4 on: March 07, 2006, 01:00:16 pm »
Well, we only have one user in 201.25.0.0/16 and none of the other 32 in the 201.0.0.0/24 range is anywhere near that IP...

Strikes me odd that someone who has never visited the forum has your email address in his address book. Ah well, nothing we can do, I guess. Brazil Telecom will shut him down anyway :)
"We should forget about small efficiencies, say about 97% of the time: Premature quotation is the root of public humiliation."