[2978] in Humor
Amusing Virus Hoaxes
daemon@ATHENA.MIT.EDU (Jonathan D Reed)
Sun Oct 24 10:31:26 1999
To: humor@MIT.EDU
Date: Sun, 24 Oct 1999 10:30:37 EDT
From: Jonathan D Reed <jdreed@MIT.EDU>
Well, all virus hoaxes are amusing, but here are some I hadn't seen
before:
*** Sound Card Virus ***
This virus, which was discovered in Cape Town this month, and appears to be
locally written, takes virus-transmitted evil to new despicable levels.
The virus infects .com and .exe files, and is not detected by any of the
current scanners, even in heuristic mode. The virus is encrypted and uses
fairly standard techniques to replicate.
This virus activates on 1 April of any year, at which time it checks if
there is a sound card installed in the computer. If so, it immediately
begins feeding subliminal messages to the sound card. Subliminal messages
are messages at such low volume that you do not consciously hear them, but
your subconscious does. The virus contains these messages in digitised
form. The messages contain suggestions like "Kill!", "Steal! Steal!", "Rape
Her!", "Worship Satan!", and others which I can't put in a family magazine.
The voice used sounds like that of a 16 year old girl.
The virus has been forwarded to overseas anti-virus authors.
*** Cell Phone Hoax ***
Dear all mobile phone's owners,
ATTENTION!!
NOW THERE IS A VIRUS ON MOBILE PHONE SYSTEM..
All mobile phone in DIGITAL system can be infected by
this virus..If you receive a phone call and your phone display
"UNAVAILABLE" on the screen (for most of digital mobile phones with a
function to display in-coming call telephone number), DON'T ANSWER THE
CALL. END THE CALL IMMEDIATELY!!!BECAUSE IF YOU ANSWER THE CALL, YOUR
PHONE WILL BE INFECTED BY THIS VIRUS.. This virus will erase all IMIE
and IMSI information from both your phone and your SIM card which will
make your phone unable to connect with the telephone network. You
will have to buy a new phone. This information has been confirmed by
both Motorola and Nokia..
For more information, please visit Motorola or Nokia web sites:
http://www.mot.com
http://www.mot.com > > or http://www.nokia.com
There are over 3 million mobile phone being infected by
this virus in USA now. You can also check this news in
CNN web site: http://www.cnn.com
http://www.cnn.com
http://www.cnn.com > > >..
Please forward this information to all your friends who have digital
mobile phones..
*** This was my favorite one:
=============================================================================
CERT(sm) Advisory CA-96.13
July 4, 1996
Topic: ID4 virus, Alien/OS Vulnerability
- -----------------------------------------------------------------------------
The CERT Coordination Center has received reports of weaknesses in
Alien/OS that can allow species with primitive information sciences
technology to initiate denial-of-service attacks against MotherShip(tm)
hosts. One report of exploitation of this bug has been received.
When attempting takeover of planets inhabited by such races, a trojan
horse attack is possible that permits local access to the MotherShip
host, enabling the implantation of executable code with full root access
to mission-critical security features of the operating system.
The vulnerability exists in versions of EvilAliens' Alien/OS 34762.12.1
or later, and all versions of Microsoft's Windows/95. CERT advises
against initiating further planet takeover actions until patches
are available from these vendors. If planet takeover is absolutely
necessary, CERT advises that affected sites apply the workarounds as
specified below.
As we receive additional information relating to this advisory, we will
place it in
ftp://info.cert.org/pub/cert_advisories/CA-96.13.README
We encourage you to check our README files regularly for updates on
advisories that relate to your site.
- -----------------------------------------------------------------------------
I. Description
Alien/OS contains a security vulnerability, which strangely enough
can be exploited by a primitive race running Windows/95. Although
Alien/OS has been extensively field tested over millions of years by
EvilAliens, Inc., the bug was only recently discovered during a
routine invasion of a backwater planet. EvilAliens notes that
the operating system had never before been tested against a race
with "such a kick-ass president."
The vulnerability allows the insertion of executable code with
root access to key security features of the operating system. In
particular, such code can disable the NiftyGreenShield (tm)
subsystem, allowing child processes to be terminated by unauthorized
users.
Additionally, Alien/OS networking protocols can provide a
low-bandwidth covert timing channel to a determined attacker.
II. Impact
Non-privileged primitive users can cause the total destruction of
your entire invasion fleet and gain unauthorized access to
files.
III. Solution
EvilAliens has supplied a workaround and a patch, as follows:
A. Workaround
To prevent unauthorized insertion of executables, install a
firewall to selectively vaporize incoming packets that do not
contain valid aliens. Also, disable the "Java" option in
Netscape.
To eliminate the covert timing channel, remove untrusted
hosts from routing tables. As tempting as it is, do not use
target species' own satellites against them.
B. Patch
As root, install the "evil" package from the distribution tape.
(Optionally) save a copy of the existing /usr/bin/sendmail and
modify its permission to prevent misuse.
- ---------------------------------------------------------------------------
The CERT Coordination Center thanks Jeff Goldblum and Fjkxdtssss for
providing information for this advisory.
- ---------------------------------------------------------------------------
-----------
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Jonathan Reed '01 EC - Wood 508
EC DarkroomComm
Vice President, MIT SRC
PGP key ID: 7103C785
jdreed@mit.edu http://jon.mit.edu/
jdreed@genome.wi.mit.edu
3 Ames St Box 336 (617) 225-6538
Cambridge, MA 02142
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
