[60933] in North American Network Operators' Group
Re: Hijacked email
daemon@ATHENA.MIT.EDU (Haesu)
Wed Aug 20 10:14:08 2003
Date: Wed, 20 Aug 2003 10:13:40 -0400
From: Haesu <haesu@towardex.com>
To: Jack.W.Parks@alltel.com, nanog@MERIT.EDU
In-Reply-To: <E48E8C0EEF927044A086E4A4BB228CFE09BC0B@litexch7.alltel.com>
Errors-To: owner-nanog-outgoing@merit.edu
Yup, seeing same. Spoofing to quite a few of our addresses and sending worms to everyone..
-hc
--
Sincerely,
Haesu C.
TowardEX Technologies, Inc.
WWW: http://www.towardex.com
E-mail: haesu@towardex.com
Cell: (978) 394-2867
On Wed, Aug 20, 2003 at 07:36:23AM -0500, Jack.W.Parks@alltel.com wrote:
>
> Anyone seeing hijacked email addresses with this Sobig-F worm? I did
> some research and I know I didn't send anything to Investec Bank of
> Johannesburg,ZA. On top of that, I definitely did not send a worm.
>
> Thoughts?
>
> Jack
>
> -----Original Message-----
> From: jlouw@investec.co.za [mailto:jlouw@investec.co.za]
> Sent: Wednesday, August 20, 2003 4:11 AM
> To: Parks, Jack W
> Cc: VMeetoo@investec.co.mu
> Subject: MailMarshal has detected a Virus in your message
>
>
> Investec content scanning has stopped the following message:
>
> Message: BB002e9963.00000001.mml
> From: Jack.W.Parks@alltel.com
> To: VMeetoo@investec.co.mu
> Subject: Thank you!
>
> Because it believes the message contains a virus.
> The virus scanning software used was: Sophos AntiVirus (SAVI2 Interface)
>
> Virus name: W32/Sobig-F
>
> Please clean the file and resend it.
>
> Rule: Inbound Messages : Block Virus
