Swen

Discussion in 'Computer Support' started by =?ISO-8859-1?Q?R=F4g=EAr?=, Sep 19, 2003.

  1. Deity knows I hate to spread virus rumours, but here goes with the latest:

    A new mass-mailing virus is on the loose on the Internet, this one
    masquerading as a message from Microsoft Corp. about a cumulative
    security patch. Known as either Swen or Gibe, the virus is mainly found
    in Europe right now, but anti-virus experts say it has the potential to
    spread quickly and widely.

    Like some other recent worms and viruses, Swen attempts to spread
    through several different methods, including peer-to-peer file sharing
    networks and IRC channels. It takes advantage of a two-year-old flaw in
    Microsoft Outlook and is capable of automatically executing the infected
    attachment once the message is opened.
    Swen arrives in an e-mail message with a subject line of "Microsoft
    Critical Patch" and an executable attachment with a random file name.
    The message body itself is a somewhat realistic looking HTML message
    that includes Microsoft's logo and links to the company's Web site. The
    body instructs the user to install the included attachment, which is
    described as the "February 2003, Cumulative Patch" for Outlook, Outlook
    Express and Internet Explorer.

    The virus then copies itself to the folder used to share files on the
    Kazaa network, if it exists on the infected machine. Swen applies names
    to the infected files in the Kazaa folder that make the files appear to
    be patches for other viruses, such as Bugbear and SoBig, according to an
    analysis of the virus by iDefense Inc., in Reston, Va.

    Swen was first discovered early Thursday morning and has yet to make
    much of a mark in North America. But, rare is the mass-mailing worm that
    goes away quietly without enticing a few thousand people into opening
    the infected e-mail.
     
    =?ISO-8859-1?Q?R=F4g=EAr?=, Sep 19, 2003
    #1
    1. Advertising

  2. =?ISO-8859-1?Q?R=F4g=EAr?=

    Boomer Guest

    Rôgêr said:

    > Deity knows I hate to spread virus rumours, but here goes with
    > the latest:
    >
    > A new mass-mailing virus is on the loose on the Internet, this
    > one masquerading as a message from Microsoft Corp. about a
    > cumulative security patch. Known as either Swen or Gibe, the
    > virus is mainly found in Europe right now, but anti-virus
    > experts say it has the potential to spread quickly and widely.
    >
    > Like some other recent worms and viruses, Swen attempts to
    > spread through several different methods, including peer-to-peer
    > file sharing networks and IRC channels. It takes advantage of a
    > two-year-old flaw in Microsoft Outlook and is capable of
    > automatically executing the infected attachment once the message
    > is opened. Swen arrives in an e-mail message with a subject line
    > of "Microsoft Critical Patch" and an executable attachment with
    > a random file name. The message body itself is a somewhat
    > realistic looking HTML message that includes Microsoft's logo
    > and links to the company's Web site. The body instructs the user
    > to install the included attachment, which is described as the
    > "February 2003, Cumulative Patch" for Outlook, Outlook Express
    > and Internet Explorer.
    >
    > The virus then copies itself to the folder used to share files
    > on the Kazaa network, if it exists on the infected machine. Swen
    > applies names to the infected files in the Kazaa folder that
    > make the files appear to be patches for other viruses, such as
    > Bugbear and SoBig, according to an analysis of the virus by
    > iDefense Inc., in Reston, Va.
    >
    > Swen was first discovered early Thursday morning and has yet to
    > make much of a mark in North America. But, rare is the
    > mass-mailing worm that goes away quietly without enticing a few
    > thousand people into opening the infected e-mail.
    >


    I just read about it over at alt.comp.anti-virus
    From: "Thomas Krug" <>
    Message-ID: <news:bkdm27$rgc$03$-online.com>

    <Quote>
    F-Prot, CAI and several others developed new signature files very
    fast.

    Find info here:
    http://www.symantec.com/avcenter/venc/data/
    </Quote>
     
    Boomer, Sep 19, 2003
    #2
    1. Advertising

  3. =?ISO-8859-1?Q?R=F4g=EAr?=

    DC Guest

    On Thu, 18 Sep 2003 22:05:16 -0400, Rôgêr <> wrote:
    > Deity knows I hate to spread virus rumours, but here goes with the latest:
    >
    > A new mass-mailing virus is on the loose on the Internet, this one
    > masquerading as a message from Microsoft Corp. about a cumulative
    > security patch. Known as either Swen or Gibe, the virus is mainly found
    > in Europe right now, but anti-virus experts say it has the potential to
    > spread quickly and widely.

    [snip]

    Yeah, I've received over 40 of the goddamn things in the last 2 hours.
    At 154KB a pop.

    Ridiculous. }:O(

    --
    DC

    Microsoft is not the answer, it is the question. The answer is NO.
     
    DC, Sep 19, 2003
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Boomer
    Replies:
    8
    Views:
    488
    Jimmy Dean
    Sep 20, 2003
  2. Michael Thompson

    Swen Worm

    Michael Thompson, Sep 19, 2003, in forum: Computer Support
    Replies:
    12
    Views:
    946
    Goonigoogoo
    Sep 20, 2003
  3. Max Quordlepleen

    Guess who's helping propagate Swen?

    Max Quordlepleen, Sep 19, 2003, in forum: Computer Support
    Replies:
    8
    Views:
    484
    L Mehl
    Sep 27, 2003
  4. Thore Schmechtig
    Replies:
    17
    Views:
    801
    Gregg Dotoli
    Sep 27, 2003
  5. Thore Schmechtig

    [SWEN tiny FAQ] How to filter Swen mails with M$OE 6

    Thore Schmechtig, Sep 25, 2003, in forum: Computer Security
    Replies:
    19
    Views:
    593
    kd7sk
    Sep 27, 2003
Loading...

Share This Page