[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] Netsky.P -> sneaky one!

To: "Andrew Aris" <andrew@xxxxxxxxxxxxxxxxxxxxxxxxx>, <full-disclosure@xxxxxxxxxxxxxxxx>
Subject: Re: [Full-Disclosure] Netsky.P -> sneaky one!
From: Joe Matusiewicz <joem@xxxxxxxx>
Date: Tue, 23 Mar 2004 08:50:56 -0500

At 05:44 AM 3/23/2004, Andrew Aris wrote:

Hi all,

just had a mail throught that NAV has detected as being Netsky.P, the text
of the mail was:

From: jaume@xxxxxxxxxxxxx [mailto:jaume@xxxxxxxxxxxxx]
Sent: 23 March 2004 08:24
To: ****
Subject: Re: approved information

Authentication required.

+++ Attachment: No Virus found
+++ MC-Afee AntiVirus - www.mcafee.com

I thought the "MC-Afee" bit was a nice touch, might just convince a fair few
people!

I saw one a even better...the From: address was support@xxxxxxxxxxxxx They were supposedly using their competitor's product -- Mc-Afee (sic) -- for their virus scanning.

-- Joe

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- [Full-Disclosure] Netsky.P -> sneaky one!
  - From: Andrew Aris

Prev by Date: Re: [Full-Disclosure] FREE ....
Next by Date: Re: [Full-Disclosure] ISS 'Witty' Worm Analyzed
Previous by thread: [Full-Disclosure] Netsky.P -> sneaky one!
Next by thread: RE: [Full-Disclosure] Netsky.P -> sneaky one!
Index(es):
- Date
- Thread