Re: shtyle.fm Virus, Worm or Trojan Horse?

[1PW]

I don't know exactly what happened, but an acquaintance got borked and
somehow it ended up with me being sent an invitation supposedly from him
to join shtyle.fm (and get a free "teddy" . . . ).

This obviously means his email collection (I don't think I'm in his
address book) was used as a source of addresses.

I see no reference using Google Web, Groups or Blogs to anything of this
nature.

I did see some references on SANS IIRC that some fairly common viruses
come in a variety of strains due to simple re-jiggering that might be
behind this.

Is anyone seeing any such reports or for that matter suspicious shtyle.fm
email traffic surges?

The evidence you provide in no way yet suggests a virus. However, you
/may/ be seeing sufficient proof of harvesting.

At this point little damage is seen and I would suggest that everyone
involved with this acquire and implement reasonable antimalware, and
make a self examination of safe computing practices.

HTH

Pete

 

[Max Wachtel]

mimus thought it would be fun to share this little ditty with the
class:

Again, he didn't _give_ my email address to anyone . . . .

Something wicked obviously went trawling through his email program's email
database.

What that something was is still unclear-- he's got some people looking at
it, but I haven't heard what the diagnosis on the spot is.

And the gleeful sending out of invitations to shtyle.fm is downright
weird, although I see that they have at least some rep for spamming if no
worse already.


Starting with switching from Windows, yes.

But let's not get into that.

Send this to him (it will keep him busy for a while anyway)

***************begin canned response*******************

What I use to clean and maintain Windows -

Windows Update (free)
http://www.update.microsoft.com/windowsupdate/v6/default.aspx?ln=en-us

Secunia Online Software Inspector (free)
http://secunia.com/vulnerability_scanning/online/

AntiVir (free version)
http://www.free-av.com/

ThreatFire (free)
http://www.threatfire.com/download/

Windows Defender (free)
http://www.microsoft.com/windows/products/winfamily/defender/default.mspx
for w2k users, see instructions here:
http://www.compatdb.org/support/topics/175747_windows_defender_windows_2000.html

SUPERAntiSpyware (free version)
http://www.superantispyware.com/download.html
If you canÿt download def. files you can get them here:
http://www.superantispyware.com/definitions.html

Malwarebytes' Anti-Malware (free version)
http://www.malwarebytes.org/index.php
If you canÿt download def. files, you can get them here:
http://www.malwarebytes.org/mbam.php

SpywareBlaster (free)
http://www.javacoolsoftware.com/spywareblaster.html

Windows Firewall (free)- w2k users can get sygate (old free version)
http://www.oldversion.com/program.php?n=sygate

Firefox with AdBlock/NoScript/WOT installed (free), set to ´default¡ browser
http://en-us.www.mozilla.com/en-US/firefox/

AdBlock https://addons.mozilla.org/en-US/firefox/addon/1865

NoScript https://addons.mozilla.org/en-US/firefox/addon/722

WOT https://addons.mozilla.org/en-US/firefox/search?q=WOT&cat=all

MVPS Hosts file (free)
http://www.mvps.org/winhelp2002/hosts.htm

Thunderbird for e-mail (free), set to ´default¡ e-mail
http://www.mozilla.com/en-US/thunderbird/

Turn off un-needed Windows Services
http://www.jasonn.com/turning_off_unnecessary_services_on_windows_xp

Update Java (free), delete old versions before updating
http://www.java.com/en/download/index.jsp

Buy a router w/built-in firewall (under $50)

More things to help keep your system lean and mean

Decrapify your PC (free)
http://pcdecrapifier.com/download

Remove Adobe Acrobat Reader and use PDF-XChange Viewer (free)
http://www.docu-track.com/home/prod_user/PDF-XChange_Tools/pdfx_viewer

CrapCleaner (free)
http://www.ccleaner.com/

JKDefrag (free)
http://www.kessels.com/Jkdefrag/

***************end canned response********************