(Swen) New Virus

**+Daemon+** · September 18th, 2003, 12:19 PM

W32.Swen.A@mm is a mass-mailing worm that also attempts to spread through file-sharing networks, such as KaZaA, and IRC, and will attempt to kill antivirus and personal firewall software running on the computer.

The worm will also attempt send itself out to addresses found in the Microsoft Outlook address book. The email in which W32.Swen.A@mm arrives within can vary. Some examples include emails that claim to be patches for Microsoft Internet Explorer, or as delivery failure notices from qmail.

**ChipCreep** · September 18th, 2003, 04:23 PM

If I catch anyone with KaZaa on my network, forget the worm, I'll be mass-mailing them out in itty-bitty pieces.

**FatalException0E** · September 18th, 2003, 05:37 PM

Originally Posted by ChipCreep

If I catch anyone with KaZaa on my network, forget the worm, I'll be mass-mailing them out in itty-bitty pieces.

Dude, that's awesome. I'll have to remember that.

**Orangeman** · September 19th, 2003, 05:50 PM

Why do people make these things? Don't they have better things to do with their time?

**Stalemate** · September 22nd, 2003, 11:58 AM

Got one last week in an e-mail titled "Last (or final?) Security Update" straight from Microsoft.

Yeah, right.

**Gollo** · September 22nd, 2003, 12:37 PM

I've been getting them for several days now. AVG has been catching all of them.

**flackt** · September 22nd, 2003, 01:10 PM

Originally Posted by a d e p t

Got one last week in an e-mail titled "Last (or final?) Security Update" straight from Microsoft.

Yeah, right.

Could you imagine if Microsoft did email every registered customer, every time they issued a Patch!

That would be alot of e-mail!

**Stalemate** · September 22nd, 2003, 02:57 PM

Originally Posted by flackt

Could you imagine if Microsoft did email every registered customer, every time they issued a Patch!

That would be alot of e-mail!

Well, it did try to copy the look of the MS Security Updates I'm subscribed to, but McAfee saw something wrong with a GIF inside, so it got more attention from me after that.

**Stalemate** · September 29th, 2003, 04:24 PM

As much as I would like for there to be dire and much terminal consequences for virus writing/distributing, I must admit that there's a lot of work going into the social engineering aspect.

Check out this pic:

And McAfee responded dutifully when I received it:

****************** McAfee VirusScan ************************
******* Alert generated at: Mon, 29 Sep 2003 16:59:27 -0500 *********
************************************************** *******************
McAfee VirusScan has detected a potential threat in this e-mail
sent by Security Department <[email protected]>.
The following actions were attempted on each suspicious part.
We strongly recommend that you report this virus-related activity
to Security Department <[email protected]>.

The attachment "Installer.exe" is infected with the W32/Swen@MM Virus(es).
This attachment has been cleaned.

Thread: (Swen) New Virus

Thread Tools

Display

(Swen) New Virus

KaZaa & IRC

Follow up

Bookmarks

Bookmarks

Posting Permissions