First JPEG Virus Posted To Usenet

Found on Slashdot on Monday, 27 September 2004

This could possibly be the worst viruses yet! Earlier this month Microsoft announced a problem in their GDI driver that processes the way JPEG images are displayed. Someone has finally posted an exploit to Usenet. Easynews, a premium Usenet provider, found the virus Sunday afternoon. Up-to-date information about how we found it and what it does is located at www.easynews.com/virus.txt. When this picture is viewed it installs remote management software (winvnc and radmin) and will connect to irc.

That didn't take long. The key to success is easy: pron. By posting such an image across several adult newsgroups, one can be sure to find enough victims. Various sources said that the ftp is filled with users trying to get the backdoor files; however, it looks like the login changed. The one posted on easynews.com doesn't work. If you ware curious, give GDI Scan a try.

Browse all articles« Previous « » Next »