[rescue] Strange "DownloadsAllUpInYerFace()" message

[Kurt Huhn]

Dan Sikorski wrote:
> 
> I just got a message from rescue-request at sunhelp.org with the subject
> line of "DownloadsAllUpInYerFace()".  Anyone else get this?  It's 154k
> in size and was sent at 10:53AM.  you'll find the source of it pasted
> below.
> 

It's a Klez virus variant.  It gathers email addresses from web pages
browsed on the infected box, and uses those addresses as to: *and*
from:.  Effectively disguising the actual infected computer unless you
pick apart the headers.

I've been getting 12 to 15 of these messages every day, from random
places.  Once in a while someone emails me and tells me to run the
latest virus software on my computer, because it's infected with Klez. 
I usually send a simple message explaining that it would be a neat trick
indeed, to run a Windows virus on an Irix computer.  Then I point them
to the SARC page that describes how it uses false email addresses.
-- 
Kurt
kurt at k-huhn.com
Editor: "We need a new food critic, someone who doesn't immediately
poo-poo everything he eats." 
Homer: "Naw, that usually takes a few hours."