Stolen Password - how, why, and how to fix it

Mike Morris WA6ILQ morris at COGENT.NET
Tue Nov 27 17:46:20 EST 2001


This topic is drifting away from the Green Monsters, hopefully the moderator
will pass this message.

Passwords are not an absolute protection, especially if you have the
electronic version of somebody looking over your shoulder... a keystroke
logging program running in the background.  The newest virus has just that.

Everybody - I suggest that you go read this web page.  There's quite a bit
there, read it all the way down to the removal instructions.
http://www.symantec.com/avcenter/venc/data/pf/w32.badtrans.b@mm.html

To make a long web page short, basically it does two things:

1) installs a keystroke logging program, then periodically sends emails with
your logged keystrokes and cached passwords to 22 specific email addresses.

2) mails itself out to other new victims - under your name if possible

In this case, Jerry might have been an early victim.

Jerry, if you are reading this and your system is infected, AOL really can't
do anything about it since the problem is on your computer.
Also any given AOL tech support person may not be qualified (or have the time)
to help users de-infect their systems.

The last part of the web page mentioned above has instructions on how to clean
up your system.

Everybody - please get a good anti-virus program, install it, and the
important part: KEEP IT UP TO DATE.

On most programs this can be done automatically in the background...
for example, McAfee can be configured to get the new virus database every time
the system is started up.  I suspect that Norton can be set up this way also.
This option is very handy with an always-on connection like cable modem or DSL.
Otherwise you will have to remember to do it every couple of days.

Mike WA6ILQ

At 04:33 AM 11/27/01 -0500, you wrote:
>"H.G. Jerry Dowell" wrote:
>
> > Ladies & Gentlemen;
> >
> > Within the past 24hrs someone has taken my AOL screen name & password,
> > and has been sending out many Email messages.  These messages are shown as
> > sent from my EMail address.  I have contacted AOL 3 times today in regards to
> > this problem. These messages are really BAD.  Most or all are Sexually
> > oriented. I have got a few results from AOL, but they really have no way to
> > correct the problem.
> > I trust each and every one of you has not gotten one of these messages.
> >
> >     Thank You
> >     73's
> >     Jerry Dowell
> >
> >    WB0GYR
> > H. G. Jerry Dowell
> > 19119 / 201 E. Truman Rd.
> > Independence, Missouri
> > 64056-2432
> > RECCOP18 at AOL.COM
>
>Jerry, how does someone "steal" a password? The whole idea of a password is to
>"protect" a system. Harvey.

-----------------------------------------------------------
This list is a public service of the City of Tempe, Arizona
-----------------------------------------------------------

Subscription control - http://www.tempe.gov/lists/control.asp?list=HEATH
To post - HEATH at LISTSERV.TEMPE.GOV
Archives - http://interactive.tempe.gov/archives/HEATH.html



