
SANS ISC: Forgery FBI email / Virus W32.Bugbros / New PoC for Linux Vulnerability SANS ISC InfoSec Forums

Forged FBI email circulating

A forged email purporting to come from the FBI, with the
subject "Your IP was logged", is circulating with malware
attached. The email tries to intimidate the user by claiming
that the machine was scanned by the FBI and that illegal
content was found. It then tries to induce the user to open
the attachment to see what illegal content was found.

Virus W32.Bugbros

Yesterday, a user sent a message to the Handlers saying
that MS told her that she had the Blaster worm on her
computer. A virus
with a very similar message was discovered. It is called
W32.Bugbros according to Symantec. It sends itself with the

I have send you the needed informations for the new worm-
backdoor discovered.
The Backdoor is called W32.Bug.Gear.A You can run the
attachment to avoide getting
hacked by closing the backdoor."

Reference - Thanks to Scott Fendley:

New PoC code for Linux vulnerability

Proof-of-concept code for testing the Linux do_mremap() vulnerability (affecting kernels 2.4.x and 2.6.x) was released today. Apparently it checks for the vulnerability
without causing harm. It is time to patch the Linux kernel again.
Check your Linux distribution's site for upgrades.

Handler on duty: Pedro Bueno

Jan 7th 2004
