Although Ronald touched on it earlier, I thought I'd pontificate about my lovely experience with the Anna virus. Damage did all his learning over the weekend, but I got mine as a Monday morning slap to the face.
At least I can say I wasn't one of the people who opened the e-mail; I just had to do clean-up. A couple of the charming things I learned: People are quick to open an e-mail that supposedly contains a single picture of Anna Kournikova, in spite of the fact that her name and the word "pictures" gets around 40,000 hits on Google. Heck, even with the addition of the all-important word "nude" there's 23,700. But I digress.
Another thing I learned is that Norton Anti-Virus for Exchange sucks rocks. It's served me well for a year or more, and when it works it works great. But the only thing it cares about are its virus definition files, and if the virus isn't in there yet, you're screwed. I sat depressed noting that (1) Trend Micro's Safemail product had its virus definitions updated at least a couple of hours before Symantec did and (2) it didn't matter because, unlike NAV, Safemail can just blanket filter attachments by extension. And when was the last time you got a .VBS file that wasn't a virus?
I learned some more things courtesy of this ABCNEWS.com article on the virus. I learned that the virus was actually fairly clever, but the virus author was not. The virus code is encrypted and modifies itself to dodge detection. The author, however, apparently had little to do with the virus except for naming it, as it was actually built by a pre-existing virus construction kit (I am not making this up). According to the article, the kit's author has done no fewer than nine versions of the kit, with "the most recent one apparently guaranteed to dodge antiviral programs."
I also learned, incidentally, that Graham Cluley of the antiviral firm Sophos doesn't seem to have much in the way of social skills, having quotes attributed to him in the article such as "Think about the average guy who uses a computer — overweight, slobbing around in front of a terminal, sad social life. . ." Don't take it personally, guys.
One thing I didn't learn in the article: If this virus was built using a virus construction kit that's been sitting out on a web site just waiting for somebody to fire it up, and if anti-virus companies ". . . are aware of at least a half-dozen VBS script viruses created using [Alamar's] construction kit," then why don't the people doing virus definitions figure out how to detect the kit's product before it's found in the wild? I'd ask Anna, but I hope never to meet her again.
|1. BIF - $340||2. Ryu Connor - $250||3. mbutrovich - $250|
|4. YetAnotherGeek2 - $200||5. End User - $150||6. Captain Ned - $100|
|7. Anonymous Gerbil - $100||8. Bill Door - $100||9. ericfulmer - $100|
|10. dkanter - $100|
|Lenovo ThinkCentre and ThinkPad machines pack AMD PRO APUs||21|
|Seagate 5TB BarraCuda and 2TB FireCuda drives are big and speedy||14|
|Nvidia licenses Rambus' DPA tech for side-channel data leak prevention||16|
|iOS 10.1 update includes portrait mode beta for iPhone 7 Plus||6|
|Biostar belatedly announces GTX 1060 graphics cards||12|
|HyperX Alloy keyboard gets lean and mean for FPS gaming||10|
|AMD drops prices on the Radeon RX 460 and RX 470||53|
|Reports: Radeon RX 470D is a budget Polaris card for China||9|
|Examining reports of slow write speeds on the 32GB iPhone 7||33|
|Signing your posts is daftly redundant. Meadows||+27|