[Cialug] self-aware viruses/trojans
Nicolai
nicolai-cialug at chocolatine.org
Mon Apr 1 14:58:57 CDT 2013
On Mon, Apr 01, 2013 at 02:34:17PM -0500, Barry Von Ahsen wrote:
> has anyone seen this behavior?
>
> I get a real estate spam from person A to a ginormous To: list
> person B responds to spam with a similarly spammy message to the same list
> person C sends a new spam with very similar message to about half of the original list
Maybe person A infected the other two. Sounds like a worm.
> I respond to A, B and C informing them that they should change their
> email passwords and seek virus removal services
I assume you know person {A,B,C} since you replied to them?
> B responds to me with "Nop i sent it ...its new properties" [sic]
> A responds to me with "not a virus i checked its amazing" [sic]
> the pseudo code is easy enough: if a message comes in in-response-to my
> message, and the body is like '%you have a virus%', then respond 'no,
> it's okay, click the link' goto subjugate_humans
Can you try responding with different responses? like
* ok, thanks!
* please remove me from your list
* spam
* i'm not interested
* please send a baby rhinocerous at once, will pay double
Ideally each from a different temp account on your domain, to ensure you
don't start getting spam in your inbox. Then see what responses you
get.
Nicolai
More information about the Cialug
mailing list