Page 1 of 2 12 LastLast
Results 1 to 10 of 14

Thread: . : | E-mail Address For Virus Sender | : .

  1. #1
    KazaaBoy's Avatar Nothing On The Moon.
    Join Date
    Jul 2003
    Posts
    354
    As I said before in another topic that once someone sent me a virus and all it had in the return path was this " <> "

    Now they sent it again and this time the address is different. Check it out

    Code:
    Return-Path&#58; &#60;[email protected]&#62;
    Delivered-To&#58; [email protected]
    Received&#58; &#40;qmail 22098 invoked from network&#41;; 1 Oct 2003 22&#58;00&#58;15 -0000
    Received&#58; from turkey.mail.pas.earthlink.net &#40;207.217.120.126&#41;
     &nbsp;by 0 with SMTP; 1 Oct 2003 22&#58;00&#58;15 -0000
    Received&#58; from dialup-171.75.7.35.dial1.phoenix1.level3.net &#40;&#91;171.75.7.35&#93; helo=vhlof&#41;
    	by turkey.mail.pas.earthlink.net with smtp &#40;Exim 3.33 #1&#41;
    	id 1A4ow1-000510-00; Wed, 01 Oct 2003 14&#58;55&#58;02 -0700
    FROM&#58; &#34;Security Support&#34; &#60;[email protected]&#62;
    TO&#58; &#34;Microsoft Customer&#34; &#60;[email protected]&#62;
    SUBJECT&#58; &nbsp;
    Mime-Version&#58; 1.0
    Content-Type&#58; multipart/mixed; boundary=&#34;dlntrravlhho&#34;
    Message-Id&#58; &#60;[email protected]&#62;
    Date&#58; Wed, 01 Oct 2003 14&#58;55&#58;02 -0700
    I changed the Delivered-To: [email protected] to protect my e-mail address from spammers when reading this post.

    What do you all think and how can I trace this person down.

  2. Software & Hardware   -   #2
    Wolfmight's Avatar Poster BT Rep: +1
    Join Date
    Feb 2003
    Location
    Location: Location:
    Posts
    5,545
    just goto symatec security response website.. they got info on all viruses

  3. Software & Hardware   -   #3
    he/she probably used telnet or sumother program that sends fake emails (email bomber)

  4. Software & Hardware   -   #4
    fkdup74's Avatar Pneuberator.
    Join Date
    Sep 2003
    Posts
    3,554
    send it back&#33; send it back&#33;
    I am just a worthless liar. I am just an imbecile.
    I will only complicate you. Trust in me and fall as well.
    I will find a center in you. I will chew it up and leave.
    I will work to elevate you just enough to bring you down.

  5. Software & Hardware   -   #5
    Originally posted by FKDUP74@2 October 2003 - 00:38
    send it back&#33; send it back&#33;
    he cant send it back. that email address doesnt exist

  6. Software & Hardware   -   #6
    KazaaBoy's Avatar Nothing On The Moon.
    Join Date
    Jul 2003
    Posts
    354
    Originally posted by FKDUP74@2 October 2003 - 00:38
    send it back&#33; send it back&#33;
    I would have to go down to their level and and act like a buffoon. I have seen a program that send e-mail and allows you to send a fake e-mail with an attchment and allows you to type a fake address as the return path.

    This virus forced it&#39;s self to download on my computer. I didn&#39;t click the download button or even check the e-mail.

  7. Software & Hardware   -   #7
    Wolfmight's Avatar Poster BT Rep: +1
    Join Date
    Feb 2003
    Location
    Location: Location:
    Posts
    5,545
    Originally posted by KazaaBoy+1 October 2003 - 18:47--></div><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td>QUOTE (KazaaBoy @ 1 October 2003 - 18:47)</td></tr><tr><td id='QUOTE'> <!--QuoteBegin-FKDUP74@2 October 2003 - 00:38
    &nbsp; &nbsp; &nbsp; send it back&#33; send it back&#33;&nbsp; &nbsp; &nbsp;
    I would have to go down to their level and and act like a buffoon. I have seen a program that send e-mail and allows you to send a fake e-mail with an attchment and allows you to type a fake address as the return path.

    This virus forced it&#39;s self to download on my computer. I didn&#39;t click the download button or even check the e-mail. [/b][/quote]
    yea, then kazaaboy would become the culprit

  8. Software & Hardware   -   #8
    Poster
    Join Date
    Mar 2003
    Posts
    3,582
    There&#39;s your return path >>
    FROM: "Security Support" <[email protected]>
    TO: "Microsoft Customer" <[email protected]>
    It&#39;s likely not real or it&#39;s an unidentifiable localhost ID. You could try "finger" but it&#39;s unlikely you&#39;ll get real results. YourISP should really provide better info on this. This looks weak. I got several pages of network info on the same email and it was tracked very successfully back to some romanian kid in the early days. Now it&#39;s widespread.
    As for sending it back, why? the virus is just going to add you and all your contacts back into it&#39;s DB for more mailings.
    Ignore it, don&#39;t even let it know you exist. Chances are, if you opened on of these viruses already, then your system has also sent the virus attachments on and someone is looking for you as well.

    Instead, go into your tools and options menus. Create a new blocked sender rule where person "<>" is blocked from your email client and all messages containing this sender address are deleted from the server. You can do that with a number o known exploits. The same as spam filters do. Removed quoted subject lines as well and have them moved to a temp folder because they&#39;re likely to be mass mailed junk.

    There&#39;s some reg keys that will prevent these attachments from being able to execute. No extensions means no execute. It was posted here a month or two ago.

  9. Software & Hardware   -   #9
    sparsely's Avatar °¤°¤°¤°¤°¤°¤°
    Join Date
    Dec 2002
    Location
    static hum
    Posts
    3,486
    I&#39;m sure there&#39;s somebody you can sue over this...


    this post is guaranteed 100% parrot-free

  10. Software & Hardware   -   #10
    Wolfmight's Avatar Poster BT Rep: +1
    Join Date
    Feb 2003
    Location
    Location: Location:
    Posts
    5,545
    hard to tho.. they hide they&#39;re real identity

Page 1 of 2 12 LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •