[Gllug] New worm doing the rounds?

Richard Jones rich at annexia.org
Tue Feb 10 16:14:38 UTC 2004

On Tue, Feb 10, 2004 at 12:07:37PM +0000, Simon Wilcox wrote:
> On Mon, 9 Feb 2004, Christopher Hunter wrote:
> > The virtual invulnerability of Linux to malware should be one of its'
> > major selling points!
> This is sort of true but the latest trojan doing the rounds does not rely
> on any vulnerabilities in windows, it's a social engineering trick. It 
> could work just as well on linux if someone bothered to write one and the 
> userbase was sufficiently clueless to run the attachment.

[Slightly modified from a /. posting ...]

Subject: Hi

This message contains Unicode and has been sent as an attachment.

Please download the attachment to /tmp.
Type: cd /tmp
zcat mal.tar.gz | tar xf -
cd mal
Type in your root password.
make install

Then it would be helpful if you could send this message on to all the
people in your addressbook.



Richard Jones. http://www.annexia.org/ http://www.j-london.com/
Merjis Ltd. http://www.merjis.com/ - improving website return on investment
MOD_CAML lets you run type-safe Objective CAML programs inside the Apache
webserver. http://www.merjis.com/developers/mod_caml/
Gllug mailing list  -  Gllug at gllug.org.uk

More information about the GLLUG mailing list