PeterW
Lifetime Member
Member has Passed
Posts: 3,804
|
Post by PeterW on Dec 17, 2007 17:26:32 GMT -5
I've just heard that there's a new virus on the loose which is a new one on me. It's a development of megadeath called Olympic Torch which attacks your hard drive as soon as you open the email carrying it.
So far, I gather, all the spam emails that carry it have started off "This is an invitation ...". Worse, there have been instances of these messages purporting to come from people, groups or companies you know. Apparently the clever ba....rds that send it out have culled user names and URLs from people, forums or companies like ebay and paypal who regularly send emails to an address and disguise their virus-bearing email so it looks as if it comes from them.
So if you see an email that starts "This is an invitation ..." or has "invitation" in the first few words, don't open it even if you think you recognise who sent it. Delete it and purge it and then email the person in whose name it was sent asking if they've sent you anything. Quite often, messages that start like this are genuine forum postings, genuine messages or invitations to join a chat group or something similar, but you can't be too careful.
How long it will be before AVG, Zone Alarm etc know how to recognise it and block it I don't know. You can bet they're working on it!
Take care,
PeterW
|
|
PeterW
Lifetime Member
Member has Passed
Posts: 3,804
|
Post by PeterW on Dec 17, 2007 18:13:22 GMT -5
I may have been a little premature in my virus warning. John has heard from a friend in one of the virus-chasing companies that they suspect Olympic Torch may possibly be a hoax warning. If so, someone's got a d@mn twisted sense of humour.
I hope it is a hoax, but I work on the principle that where viruses are concerned you can't be too careful, so until I hear definitely I shall still delete, unopened, any email with "invitation" in the first few words - so don't send me one!
PeterW
|
|
SidW
Lifetime Member
Posts: 1,107
|
Post by SidW on Dec 17, 2007 20:02:33 GMT -5
Symantec have listed Olympic Torch as a hoax since Feb 2006, with a new burst in Feb 2007. www.symantec.com/norton/security_response/threatexplorer/index.jspSelect the A-Z Threats tab and look under O. This is Symantec's info on Olympic Torch: The Olympic Torch Hoax is being spread through email. It has been reported that the following text of the hoax may differ slightly in the various messages going around. This hoax email includes the following warning: Subject: Invitation. This virus does not exist.
You should be alert during the next days: Do not open any message with an attached filed called "Invitation" regardless of who sent it . It is a virus that opens an Olympic Torch which "burns" the whole hard disc C of your computer. This virus will be received from someone who has your e-mail address in his/her contact list, that is why you should send this e-mail to all your contacts. It is better to receive this message 25 times than to receive the virus and open it. If you receive a mail called "invitation", though sent by a friend, do not open it and shut down your computer immediately. This is the worst virus announced by CNN, it has been classified by Microsoft as the most destructive virus ever. This virus was discovered by McAfee yesterday, and there is no repair yet for this kind of virus. This virus simply destroys the Zero Sector of the Hard Disc, where the vital information is kept
Please ignore any messages regarding this hoax and do not pass on messages. Passing on messages about the hoax only serves to further propagate it.End of quote. It's usually a good idea not to forward this sort of emailed warning. Instead go to your anti-virus provider and check what they say. For example Symantec maintains this particular threat list and access is free. Just imagine the amount of spam this hoax has created, everyone all round the world sending the warning to everyone in their address list ad infinitum for two years now. And think of all the parties you're going to miss. If you're worried, do as Peter suggests, don't open the invite until you've asked the sender for confirmation and received it.
|
|
|
Post by kiev4a on Dec 17, 2007 23:37:48 GMT -5
This is why I image my OS hard disk about every two weeks or when I have made major additions or deletions.
|
|
|
Post by herron on Dec 18, 2007 12:17:48 GMT -5
Another good source of hoax information is Snopes...it won't cure or stop anything, but it will inform you of rumors that are circulation...and whether there is anything to them, or not. www.snopes.com/
|
|
SidW
Lifetime Member
Posts: 1,107
|
Post by SidW on Dec 18, 2007 20:50:54 GMT -5
It occurred to me that maybe the hoaxer had left a clue to the hoax: the phrase "the Zero Sector of the Hard Disc, where the vital information is kept". Is there such a thing as Zero Sector? Or are there places where that is used rather than "boot sector"?
|
|
Reiska
Lifetime Member
Member has Passed
Posts: 558
|
Post by Reiska on Dec 19, 2007 18:33:11 GMT -5
Yeah, Ron and "snope" are right, it is a hoax warning (I hope)
Olympic games themed hoax warning about a virus that would destroy drive C: from your computer. (Veli-Jussi Kesti, February 13, 2006 , F-Secure)
|
|
|
Post by kiev4a on Dec 19, 2007 23:00:06 GMT -5
Yes indeed, there is a zero sector. It's where a lot of disk housekeeping info is stored. But overwriting it won't destroy the hard disk. It can make info on the disk hard to get but it won't physically destroy the drive. I don't think a program has been written that can do that.
The most dangerous bug would be one that writes zeros to every sector of the disk, wiping it totally clean. Normally when data is deleted only the directory entry is erased. The data is still there and there are lots of programs that can recover it..
I once save the data ob a crashed windows hard disk by booting up with Linux and reading it. Linux doesn't need the Windows directory.
|
|