Page 1 of 3 123 LastLast
Results 1 to 10 of 21

Thread: Virus Alert "Surprise.exe"

  1. #1
    Join Date
    Jun 2009
    Location
    Ohio
    Beans
    57
    Distro
    Ubuntu 10.04 Lucid Lynx

    Exclamation Virus Alert "Surprise.exe"

    Recently my email address has sent this file "Surprise.exe" to all my contacts. I'm running Ubuntu 9.10 and haven't quite figured out how it did it, or where it got in. I did not personally send this message but everybody in my contacts received it. My Evolution window was running (open) but there is no similar sent message in my Sent outbox, so it must have came from the server somehow. I checked Hotmail on the server, and it was in that Outbox folder, so I've narrowed it down to the Hotmail server. I have not given my password to anybody, nobody else was in my home. I'm wondering if there is some kind of either Hotmail leak in security or if it's Ubuntu that has a security link. The only thing I have done different to my machine recently is install a virtual machine (VirtualBox) that has XP and Windows 7, but those virtual machines don't even have network access, I just use those for testing purposes only. This happened today 01/26/2010.
    Since this, have changed my hotmail password. I will make a switch to Gmail permanently for this Hotmail Server security breech. After doing some research this seems to be one of the most highly infected viruses to date. I feel sorry for all my windows users in my contact list. 99% of my contacts use Windows and was sent to at least 150-200 people.

    Do not use/click the link:
    htt://ww.rapidshare.com/files/*341348122a$/Surprise.exe
    (i've changed some characters to make it not the same)


    Anybody with more information feel free to post in this thread.
    I would like to post a bug to virus security if anybody could provide links I would appreciate knowing where to send this information.
    Fix your sound problem in Ubuntu 9.10 Karmic Koala and older versions.
    http://www.fixya.com/support/r377614...blem_in_ubuntu

  2. #2
    Join Date
    Mar 2006
    Location
    Williams Lake
    Beans
    Hidden!
    Distro
    Ubuntu Development Release

    Re: Virus Alert "Surprise.exe"

    If you have had the same email address for a while, someone is spoofing your email address. I had this happen with an email address that I had for several years, I was getting messages about spam I had supposedly sent, even though the didn't originate from my system or my isp's email system.

  3. #3
    Join Date
    Jan 2010
    Beans
    3

    Re: Virus Alert "Surprise.exe"

    This virus has targeted me as well... it has sent out a mass email from me twice, about 6 hours apart.
    I have had a hotmail account with the same password for many years and it looks like it is only targeting my hotmail contacts. Wondering if changing your password really helps?
    I cannot seem to find a program to catch it yet, avg, microsoft security essentials, spybot, windows defender are all missing it!!!
    Is the virus to new? or just contained to my hotmail account?

    My name is keith as well... curious if it is targeting keith's?

    anybody who has found a solution to this one, please let me in on the secret!

  4. #4
    Join Date
    Dec 2006
    Location
    Chicago
    Beans
    3,839

    Re: Virus Alert "Surprise.exe"

    If a copy of the message appears in your hotmail sent box, but not your evolution sent box, then it must have been sent from hotmail. This means they gained access to your hotmail account somehow, whether it is a hotmail hack or someone figured out your password, or someone is hijacking your account with a cross-site scripting attack. Have you been using hotmail in your browser? Does the account have a strong password? Could you have been tricked by an e-mail into providing your password to a site disguised as a hotmail one?

  5. #5
    Join Date
    Dec 2009
    Location
    A really tall tree.
    Beans
    165
    Distro
    Ubuntu

    Re: Virus Alert "Surprise.exe"

    I'm guessing that you might have a virus that records addresses and passwords and then goes into your account when your computer is idle? Do you have the option to remember passwords active in your browser?

    Just for the sake of this conversation, do I really need an anti-virus with Linux Ubuntu? I've been going un-protected since 2 years and have never caught anything. But then again, I never open email from people I don't know.

    -Squirrel

  6. #6
    Join Date
    May 2009
    Location
    Wales UK
    Beans
    333
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: Virus Alert "Surprise.exe"

    Quote Originally Posted by S2UIRR3L View Post
    I'm guessing that you might have a virus that records addresses and passwords and then goes into your account when your computer is idle? Do you have the option to remember passwords active in your browser?

    Just for the sake of this conversation, do I really need an anti-virus with Linux Ubuntu? I've been going un-protected since 2 years and have never caught anything. But then again, I never open email from people I don't know.

    -Squirrel
    i've been using Ubuntu for 2 years also and never had any security issue, however like youeself i am also extremely cautious. i came to linux from windows and did a huge amount of research on whether or not one should run an anti-virus on Linux, the short answer is NO. however having and running one dose have advantages, perhaps the first thing is Linux anti-virus programs scan for WINDOWS viruses so the advantages are if a virus is on your machine somehow you can remove it, second you can protect your friends who use windows.

  7. #7
    Join Date
    Apr 2009
    Location
    CA, USA
    Beans
    156
    Distro
    Ubuntu 10.10 Maverick Meerkat

    Re: Virus Alert "Surprise.exe"

    Doesn't sound like you really are infected on your local PC as such. Most likely just hacked your hotmail password and retrieved you contact list that way.

  8. #8
    Join Date
    Jun 2009
    Location
    Ohio
    Beans
    57
    Distro
    Ubuntu 10.04 Lucid Lynx

    Re: Virus Alert "Surprise.exe"

    Quote Originally Posted by cgb View Post
    Doesn't sound like you really are infected on your local PC as such. Most likely just hacked your hotmail password and retrieved you contact list that way.
    I agree with you on this.
    Fix your sound problem in Ubuntu 9.10 Karmic Koala and older versions.
    http://www.fixya.com/support/r377614...blem_in_ubuntu

  9. #9
    Join Date
    Jun 2009
    Location
    Ohio
    Beans
    57
    Distro
    Ubuntu 10.04 Lucid Lynx

    Re: Virus Alert "Surprise.exe"

    Quote Originally Posted by cdenley View Post
    If a copy of the message appears in your hotmail sent box, but not your evolution sent box, then it must have been sent from hotmail. This means they gained access to your hotmail account somehow, whether it is a hotmail hack or someone figured out your password, or someone is hijacking your account with a cross-site scripting attack. Have you been using hotmail in your browser? Does the account have a strong password? Could you have been tricked by an e-mail into providing your password to a site disguised as a hotmail one?
    I never use browser to read or compose emails. Only thing I can think of is either Hotmail server was hacked, or "LastPass" plugin for firefox was hacked. probably not LastPass, because none of my other accounts were messed with on any other site.
    Fix your sound problem in Ubuntu 9.10 Karmic Koala and older versions.
    http://www.fixya.com/support/r377614...blem_in_ubuntu

  10. #10
    Join Date
    Jan 2010
    Beans
    3

    Smile Re: Virus Alert "Surprise.exe"

    HaHa!!!
    Got ya...
    I finally found a program that could find it http://www.malwarebytes.org/ the free version caught it so bonus!
    I am not really a computer guy, but from what I can tell (my experience) it is a trojan that had two entries in my registry keys.

    I wish everyone luck!!!

Page 1 of 3 123 LastLast

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •