Author Topic: my doom hijacked one of my addys  (Read 5315 times)

0 Members and 1 Guest are viewing this topic.

Offline pattigayle

  • Jr. Member
  • **
  • Posts: 24
  • lost in new jersey
my doom hijacked one of my addys
« on: February 04, 2004, 03:01:51 AM »
   My computer is not infected but one of my yahoo addresses is being used by the Hi/Hello virus/worm  >:(

    Is there anything I can/should do ??? I've already told everyone in my address book to delete any mail from that address until further notice.

    Do I just wait for it to go away or should I close that account ??

    Patti


   
windows 7, 64 bit.

Offline Culpeper

  • Avast Evangelist
  • Advanced Poster
  • ***
  • Posts: 1187
Re:my doom hijacked one of my addys
« Reply #1 on: February 04, 2004, 06:04:09 AM »
Yahoo mail is plagued with this virus.   I'm receiving about 10 of these messages a day on my Yahoo email account.  In fact, that is all I'm receiving in my Yahoo account.   Don't open them!  Just delete them.  You don't need to close your account.  The replication of the virus will play itself out soon.
« Last Edit: February 04, 2004, 06:06:16 AM by Culpeper »
The wind in the wires made a tattletale sound
And a wave broke over the railing
And every man knew, as the Captain did, too,
T'was the witch of November come stealing.

Offline pattigayle

  • Jr. Member
  • **
  • Posts: 24
  • lost in new jersey
Re:my doom hijacked one of my addys
« Reply #2 on: February 04, 2004, 12:48:19 PM »
Thanks for the info  ;) I really didn't want to close that account [ I rec'd 3 mail delivery failure notices today & I haven't sent anything out in days.... ]


Patti
windows 7, 64 bit.

Offline sowen

  • Jr. Member
  • **
  • Posts: 74
  • Zap
Re:my doom hijacked one of my addys
« Reply #3 on: February 04, 2004, 02:17:32 PM »
Yahoo mail is not plagued with the virus. In fact, Yahoo and Hotmail are probably the safest, because they use up-to-date scanners on all mail going through their servers.

MyDoom doesn't hijack email addresses, it - like most other email virusses - fakes the sender address. After infecting a computer, it takes names from the infected computer's address book, creates an email with one of the addresses faked as the sender, and sends to other users in the address book. It's done to throw people off the scent, so the virus can run longer without being detected.

Example: Person A's computer gets infected. Person A has B and C in his address book. The virus sends an email to C, with B faked as the sender. C, a typical user, tells B his computer is infected. Meanwhile, A goes on merrily sending infected emails.

The only conclusion one can draw here, is that the infected computers apparently have a lot of Yahoo contacts in their address books.
Support the war on forum terrorism and WMD (Weapons of Message-board Destruction)

Offline pattigayle

  • Jr. Member
  • **
  • Posts: 24
  • lost in new jersey
Re:my doom hijacked one of my addys
« Reply #4 on: February 05, 2004, 12:29:34 AM »
    The addy that has been effected [ not infected ... ] is the one I use for all my yahoo groups [ I belong to several ] and since each group has at least a few hundred members.... it's kinda like having relations with one person is really having relations with everyone that they have ever had relations with etc...

    Also, the only way to get a virus using Yahoo is by downloading an infected file.... just opening the e-mail will not infect your computer as their mail is web based [ meaning you're reading your mail off their computer , it's not downloaded into yours ] and yes, I know it's true [ not just cause they say so ] cause last year during the Klez outbreak I opened an e-mail that I knew was infected to check it out.

     Sowen, thanks for all the info .... but hijacked sounds so much better than faked  ;)
   
windows 7, 64 bit.

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67255
Re:my doom hijacked one of my addys
« Reply #5 on: February 05, 2004, 03:39:31 AM »
Just opening the e-mail will not infect your computer as their mail is web based [ meaning you're reading your mail off their computer , it's not downloaded into yours ] and yes, I know it's true [ not just cause they say so ] cause last year during the Klez outbreak I opened an e-mail that I knew was infected to check it out.

Patti, I'm not the guru of this forum but, sometimes, could be [iframe] tags into the webmail pages and they can infect your computer. Of course, if I talk a non-sense thing, Igor could correct me  ;)
The best things in life are free.

Offline Culpeper

  • Avast Evangelist
  • Advanced Poster
  • ***
  • Posts: 1187
Re:my doom hijacked one of my addys
« Reply #6 on: February 05, 2004, 05:58:33 AM »
Yahoo mail is not plagued with the virus. In fact, Yahoo and Hotmail are probably the safest, because they use up-to-date scanners on all mail going through their servers.

MyDoom doesn't hijack email addresses, it - like most other email virusses - fakes the sender address. After infecting a computer, it takes names from the infected computer's address book, creates an email with one of the addresses faked as the sender, and sends to other users in the address book. It's done to throw people off the scent, so the virus can run longer without being detected.

Example: Person A's computer gets infected. Person A has B and C in his address book. The virus sends an email to C, with B faked as the sender. C, a typical user, tells B his computer is infected. Meanwhile, A goes on merrily sending infected emails.

The only conclusion one can draw here, is that the infected computers apparently have a lot of Yahoo contacts in their address books.


 I've had these infected emails in my Yahoo account ever since this plague started.  Want me to set it up so they get forward to your account?  No?  I thought so.

You go right ahead and put all that faith in the "up to date" scanners of hotmail and Yahoo.  I just delete them as they arrive in my Yahoo inbox.  Over and over and over again!  Some scanner!
« Last Edit: February 05, 2004, 06:33:47 AM by Culpeper »
The wind in the wires made a tattletale sound
And a wave broke over the railing
And every man knew, as the Captain did, too,
T'was the witch of November come stealing.

Offline sowen

  • Jr. Member
  • **
  • Posts: 74
  • Zap
Re:my doom hijacked one of my addys
« Reply #7 on: February 06, 2004, 11:47:50 PM »
sure, send me the virusses. geesh culpepper, you sound like a real prick with loads of computer experience but little knowledge.

mydoom started, and there will have been several infections on yahoo and hotmail before their virus-scanners were updated. i guarantee you that yahoo and hotmail are not propagating the virus.
Support the war on forum terrorism and WMD (Weapons of Message-board Destruction)

Offline sowen

  • Jr. Member
  • **
  • Posts: 74
  • Zap
Re:my doom hijacked one of my addys
« Reply #8 on: February 06, 2004, 11:52:25 PM »
   Sowen, thanks for all the info .... but hijacked sounds so much better than faked  ;)
   

You're welcome. Yes, 'hijacked' sounds better, but I just wanted to reassure you it's completely safe to use your Yahoo account and there's no need to delete the account (nor benefit therein). The best advice you can give to people who have you in their address book is: Install Avast! ;)
« Last Edit: February 06, 2004, 11:53:37 PM by sowen »
Support the war on forum terrorism and WMD (Weapons of Message-board Destruction)

Offline Culpeper

  • Avast Evangelist
  • Advanced Poster
  • ***
  • Posts: 1187
Re:my doom hijacked one of my addys
« Reply #9 on: February 07, 2004, 01:43:33 AM »
sure, send me the virusses. geesh culpepper, you sound like a real prick with loads of computer experience but little knowledge.


Thank you, sir.  May I have another?

http://www.acmewebpages.com/midi/thankyou.wav

« Last Edit: February 07, 2004, 01:52:26 AM by Culpeper »
The wind in the wires made a tattletale sound
And a wave broke over the railing
And every man knew, as the Captain did, too,
T'was the witch of November come stealing.