|
|
|
|
|
| Vous pouvez aider à réduire les Mail parasites en éduquant le public grâce à l'avertissement sur comment reconnaître une cyberlégende , comment reconnaître un avertissement valide et que faire si vous pensez qu'un message est une cyberlégende. |
Cyberlégende décrites sur cette page:
Dernière modification le: Friday, 10-Dec-1999 10:06:03 PST.
Pour des informations sur les chaînes de lettres, voyez la nouvelle page du CIAC à cette adresse : http://ciac.llnl.gov/ciac/CIACChainLetters.html
Internet est constamment inondé de messages d'information sur les virus et les chevaux de Troie. Cependant, intercalés parmi les messages concernants de vrais virus ce trouve des nombreuses cyberlégendes. Bien que ces cyberlégendes ne puissent évidemment pas infecter d'ordinateurs, elles sont sources de perte de temps et d'heures de travail. Le CIAC a pu constater qu'il fallait plus de temps pour démasquer ces cyberlégende que pour s'occuper des véritables incident liés au virus. Cette page ne décrit qu'une infime partie des cyberlégendes qui circulent sur le net actuellement. Nous aborderons également l'histore des cyberlégendes sur Internet.
Nous demandons aux utilisateurs de ne pas propager de messages d'alerte
non confirmés sur des virus ou des chevaux de Troie. Si vous recevez
un message d'alerte non validé ne le renvoyez pas à vos amis,
renvoyez le à votre responsable de la sécurité informatique
pour validation. Les messages d'alertes validés provenant de l'équipe
d'intervention du CIAC ou des vendeurs d'anti-virus comportent toujours
une adresse de réponse valide et en général une signature
encryptée par PGP avec la clef de l'organisation émettrice.
L'alerte en revanche gagne peu à peu le niveau d'une cyberlégende. Ce cheval de Troie n'a été repéré qu'à de très rares occasions il y a plus d'un an. Bien que l'alerte soit réelle sa répétition démesurée est une nuisance. Les personnes désirant se procurer la dernière version de PKZIP pourront se rendre sur le site PKWare web page à http://www.pkware.com.. Le CIAC vous conseille de ne plus propager d'alerte concernant ce cheval de Troie particulier.
Voici le message d'alerte réel initial provenant du site PKWARE :
!!! PKZIP Trojan Horse Version - (Originally Posted May 1995) !!!
It has come to the attention of PKWARE that a fake version of PKZIP is being distributed as PKZ300B.ZIP or PKZ300.ZIP. It is not an offical version from PKWARE and it will attempt to erase your hard drive if run. It attempts to perform a deletion of all the directories of your current drive. If you have any information as to the creators of this trojan horse, PKWARE would be extremely interested to hear from you. If you have any other questions about this fake version, please e-mail support@pkware.com
FYI There is a computer virus that is being sent across the Internet. If you receive an e-mail message with the subject line "Irina", DONOT read the message. DELETE it immediately. Some miscreant is sending people files under the title "Irina". If you receive this mail or file, do not download it. It has a virus that rewrites your hard drive, obliterating anything on it. Please be careful and forward this mail to anyone you care about. ( Information received from the Professor Edward Prideaux, College of Slavonic Studies, London ).
LE CIAC a pour la première fois décrit cette cyberlégende dans CIAC NOTES 94-04c de décembre 1994 et une nouvelle description fut faite dans CIAC NOTES 95-09 en avril 1995. Pour plus d'information voir la Good_Times FAQ (http://www-mcb.ucdavis.edu/info/virus.html) par Les Jones.
Le message d'alerte "Good times" original fut posté et commença à circuler entre novembre et décembre 1994. Il se présentait comme suit :
Here is some important information. Beware of a file called Goodtimes. Happy Chanukah everyone, and be careful out there. There is a virus on America Online being sent by E-Mail. If you get anything called "Good Times", DON'T read it or download it. It is a virus that will erase your hard drive. Forward this to all your friends. It may help them a lot.Juste après la parution de CIAC NOTES 04, une autre alerte "Good Times" fut mise en circulation et c'est ce même message qui fit de nouveau son apparition durant le récent "revival" de cette cyberlégende. Ce message contient une soit disant mise en garde de la part de la commission américaine fédérale des communications (FCC) à propos du danger représenté par le virus "Good Times" mais le fait est que la FCC n'a jamais diffusé et ne diffusera jamais de message d'alerte sur les virus. Cela ne fait pas partie de ses attributions. Voir la FCC Public Notice 5036. Voici la deuxième version étendue de l'alerte au virus "good times" :
The FCC released a warning last Wednesday concerning a matter of major importance to any regular user of the InterNet. Apparently, a new computer virus has been engineered by a user of America Online that is unparalleled in its destructive capability. Other, more well-known viruses such as Stoned, Airwolf, and Michaelangelo pale in comparison to the prospects of this newest creation by a warped mentality. What makes this virus so terrifying, said the FCC, is the fact that no program needs to be exchanged for a new computer to be infected. It can be spread through the existing e-mail systems of the InterNet. Once a computer is infected, one of several things can happen. If the computer contains a hard drive, that will most likely be destroyed. If the program is not stopped, the computer's processor will be placed in an nth-complexity infinite binary loop - which can severely damage the processor if left running that way too long. Unfortunately, most novice computer users will not realize what is happening until it is far too late.
Écrit par Patrick J Rothfuss, décembre 1996 AVERTISSEMENT : Goodtimes va réécrire votre disque dur. Non seulement ça, mais en plus il brouillera n'importe quel disque placé près de votre ordinateur. Il changera les réglages de votre réfrigérateur pour que toutes vos glaces fondent. Il démagnétisera toute vos cartes de crédit, changera le réglage des chaînes de votre télévision et utilisera des harmonique de champ subspacial pour rayer tous les CD que vous essayerez d'écouter. Il donnera votre nouveau numéro de téléphone à votre ex-petite amie. Il mettra de l'antigel dans votre aquarium. Il boira toutes vos bières et laissera ses chaussettes sales sur la table basse alors que vous attendez de la visite. Il cachera un chat mort dans la poche arrière de votre plus beau pantalon de costume et cachera vos clefs de voiture quand vous serez en retard pour le travail. Il vous rendra amoureux d'un pingouin. Il vous fera faire des cauchemars peuplés de nains de cirque. Il versera du sucre dans votre réservoir et rasera vos sourcils tout en séduisant votre petite amie sans que vous le sachiez et en faisant mettre le dîner et l'hôtel sur votre compte. Il séduira votre grand mère, même si elle est morte, car tel est le pouvoir de "good times", il peut atteindre ce qui nous est le plus cher par delà la tombe. Il déplace votre voiture de manière aléatoire dans les parking pour que vous ne puissiez plus la retrouver. Il donnera des coups de pied à votre chien. Il laissera des messages libidineux dans la messagerie vocale de votre patron, et avec votre voix! Il est insidieux et subtil. Il est dangereux et terrifiant à regarder. Il est également d'une très intéressante nuance mauve. Goodtimes vous transmettra la mixomatose. Il laissera l'abattant des toilettes ouvert. Il produira un stock de drogue dans votre baignoire et laissera du bacon frire sur la cuisinière pendant qu'il poursuivra de jeunes écolière avec votre nouvelle tondeuse à gazon Ecoutez moi. Goodtimes n'existe pas. Il ne peut rien vous faire. Mais moi si. J'envoie se message au monde entier. Transmettez le à vos amis, à votre famille. Si qui que ce soit m'envoie un seul autre E-mail à propos de ce faux virus goodtimes, je lui ferais des choses qui, en comparaison, feraient apparaître une tète de cheval coupé dans votre lit comme une joyeuse plaisanterie. Que ce soit bien clair entre vous et moi...passez du "bon temps"...
**********VIRUS ALERT********** VERY IMPORTANT INFORMATION, PLEASE READ! There is a computer virus that is being sent across the Internet. If you receive an email message with the subject line "Deeyenda", DO NOT read the message, DELETE it immediately! Some miscreant is sending email under the title "Deeyenda" nationwide, if you get anything like this DON'T DOWNLOAD THE FILE! It has a virus that rewrites your hard drive, obliterates anything on it. Please be careful and forward this e-mail to anyone you care about. Please read the message below. Alex ----------- FCC WARNING!!!!! -----DEEYENDA PLAGUES INTERNET The Internet community has again been plagued by another computer virus. This message is being spread throughout the Internet, including USENET posting, EMAIL, and other Internet activities. The reason for all the attention is because of the nature of this virus and the potential security risk it makes. Instead of a destructive Trojan virus (like most viruses!), this virus referred to as Deeyenda Maddick, performs a comprehensive search on your computer, looking for valuable information, such as email and login passwords, credit cards, personal inf., etc. The Deeyenda virus also has the capability to stay memory resident while running a host of applications and operation systems, such as Windows 3.11 and Windows 95. What this means to Internet users is that when a login and password are send to the server, this virus can copy this information and SEND IT OUT TO UN UNKNOWN ADDRESS (varies). The reason for this warning is because the Deeyenda virus is virtually undetectable. Once attacked your computer will be unsecure. Although it can attack any O/S this virus is most likely to attack those users viewing Java enhanced Web Pages (Netscape 2.0+ and Microsoft Internet Explorer 3.0+ which are running under Windows 95). Researchers at Princeton University have found this virus on a number of World Wide Web pagesand fear its spread. Please pass this on, for we must alert the general public at the security risks.
FYI! Subject: Virus Alert Importance: High If anyone receives mail entitled: PENPAL GREETINGS! please delete it WITHOUT reading it. Below is a little explanation of the message, and what it would do to your PC if you were to read the message. If you have any questions or concerns please contact SAF-IA Info Office on 697-5059. This is a warning for all internet users - there is a dangerous virus propogating across the internet through an e-mail message entitled "PENPAL GREETINGS!". DO NOT DOWNLOAD ANY MESSAGE ENTITLED "PENPAL GREETINGS!" This message appears to be a friendly letter asking you if you are interestedin a penpal, but by the time you read this letter, it is too late. The "trojan horse" virus will have already infected the boot sector of your hard drive, destroying all of the data present. It is a self-replicating virus, and once the message is read, it will AUTOMATICALLY forward itself to anyone who's e-mail address is present in YOUR mailbox! This virus will DESTROY your hard drive, and holds the potential to DESTROY the hard drive of anyone whose mail is in your inbox, and who's mail is in their inbox, and so on. If this virus remains unchecked, it has the potential to do a great deal of DAMAGE to computer networks worldwide!!!! Please, delete the message entitled "PENPAL GREETINGS!" as soon as you see it! And pass this message along to all of your friends and relatives, and the other readers of the newsgroups and mailing lists which you are on, so that they are not hurt by this dangerous virus!!!!
Subject: security breached by NaughtyRobot Ce message vous est envoyé par NaughtyRobot, une araigné du net qui se glisse dans votre serveur par un petit trou dans le World Wide Web. Naughtyrobot exploite un bug de sécurité de HTTP et à visité votre serveur hôte pour y collecter des information privées, personelles et sensibles. Il a capturé vos adresses E-mail et personelles aussi que votre numéro de téléphone et votre numéro de carte de crédit. Pour vous protéger de toute utilisation frauduleuse de ces informations, suivez les instructions suivantes : 1. alertez votre SysOp, 2. contactez votre poste de police local, 3. déconnectez votre téléphone, et 4. déclarez votre carte de crédit comme étant perdue. Agissez de suite. Rappellez vous : VOUS êtes le seul qui puisse arreter cette hémoragie d'informations. C'était un message d'information public par les créateurs de naughtyrobot -- piratant son chemin sur les autoroutes de l'information.Aucun rapport sérieux ne confirme l'existance de ce soit disant programme..
IMPORTANT - VIRUS Alert!!! Take note ! Someone got an email, titled as JOIN THE CREW. It has erased his hard drive. Do not open up any mail that has this title. It will erase your whole hard drive. This is a new email virus and not a lot of people know about it, just let everyone know, so they won't be a victim. Please e-mail this to everyone you know!!! Remember the title : JOIN THE CREWPlusieurs variantes de cette fausse alerte circulent sur le NET. Si vous en recevez une avec ou sans un fichier joint nous vous recommandons de les effacer tout les deux sans les ouvrir. Mais ne transmettez pas d'alertes virus non validées...
Le fameux virus "Death Ray" est une cyberlégende. L'alerte suivante fut reprise dans le journal Weekly World News et dans d'autres publications. Il n'existe aucun virus, ni aucun programme, au monde capable de causer des dommages physiques à un ordinateur, ni de lui faire exploser le moniteur...
A deadly new computer virus that actually causes home computers to explode in a hellish blast of glass fragments and flame has injured at least 47 people since August 15, horrifying authorities who say millions of people are risking injury, blindness or death every time they sit down to work at their PC! "Computer viruses of the past could disable your computer, but this virus goes a step further -- and can kill you," declared Martin Heriden, a computer expert who specializes in identifying computer viruses. "This virus doesn't carry the usual 'markers' that enable it to be detected. It slips through the cracks, so to speak. "It is an extremely complicated process. But suffice it to say that the virus affects the computer's hardware, creating conditions that lead to dangerous short circuits and power surges. The end result? Explosions -- powerful explosions. And millions of Internet users are at risk." The virus, nicknamed Death Ray by experts like Heriden, surfaced in England on August 1. A 24-year-old college student was permanently blinded when his 15-inch color monitor exploded in his face. "So how do you protect yourself? I wish I knew," said Heriden. "You either stop using the Internet or you take your chances until we can get a handle on this thing and get rid of it for good. Voici la traduction de cette alerte : Un nouveau virus informatique destructeur qui a la capacité de faire exploser les ordinateurs a déjà blessé au moins 47 personnes depuis le 15 août, horrifiant les autorités qui annoncent que des millions de personnes courent des risques de cécité ou de mort à chaque fois qu'elles s'installent devant leur ordinateur. "les virus informatiques du passé pouvaient mettre votre ordinateur en panne, mais ce nouveau virus va plus loin -- et peut vous tuer" a déclaré Martin Heriden, un expert informatique spécialiste des virus. "Ce virus ce comporte pas les habituels "marqueurs" qui permettent la détection par les anti-virus, ce qui lui permet de s'infiltrer sans être repéré. C'est un processus extrêmement complexe, mais en résumé le virus affecte les composants matériels du PC, créant des conditions qui mènent à de dangereux court-circuits et surtensions. Le résultat final ? Des explosions, des explosions puissantes. Et des millions d'internautes courent ce risque." Ce virus qui à été baptisé Death Ray par des experts comme Heriden, est apparu en Angleterre 1er Aout. Un étudiant de 24 ans est devenu aveugle quand son moniteur couleur de 15 pouces lui a explosé à la figure.
"Alors, comment pouvez-vous vous protéger ? J'aimerais le savoir," dit Heriden. "Soit vous arretez d'utiliser Internet, soit vous prenez un risque jusqu'à ce qu'on trouve une solution d'éradication fiable.
Il existe de nombreux virus et chevaux de Troie réels baptisés AIDS mais le message d'alerte ne décrit aucun de ceux là...
Ce message d'alerte (reproduit plus bas) indique que le virus se propage grâce à un E-mail. Pour qu'un virus se propage il doit être executé.Lire un mail ne suffit pas pour une activation. Des virus ou des Chevaux de Troie on déjà été envoyés comme fichier joint à des mails mais doivent être exécutés pour pouvoir travailler et faire des dommages. Même un macro virus Word à besoin que le fichier Word soit ouvert par Word pour pouvoir être activé... Le CIAC vous recommande de vérifier tous les fichiers exécutables ou les documents Word que vous pourriez recevoir en tant que fichier joint à un mail, avec un programme anti-virus avant de les exécuter ou de les ouvrir avec Word....
Le message d'alerte prétend que le virus peut physiquement détruire votre matériel informatique, ce qui est totalement impossible. Le fait que l'auteurs de ce message ne l'aient pas signé indique à lui seul est un signe de forte probabilité que le message soit une fausse alerte...
THERE IS A VIRUS GOING AROUND CALLED THE A.I.D.S VIRUS. IT WILL ATTACH ITSELF INSIDE YOUR COMPUTER AND EAT AWAY AT YOUR MEMORY THIS MEMORY IS IRREPLACEABLE. THEN WHEN IT'S FINISHED WITH MEMORY IT INFECTS YOUR MOUSE OR POINTING DEVICE. THEN IT GOES TO YOUR KEY BOARD AND THE LETTERS YOU TYPE WILLNOT REGISTER ON SCREEN. BEFORE IT SELF TERMINATES IT EATS 5MB OF HARD DRIVE SPACE AND WILL DELETE ALL PROGRAMS ON IT AND IT CAN SHUT DOWN ANY 8 BIT TO 16 BIT SOUND CARDS RENDERING YOUR SPEAKERS USELESS. IT WILL COME IN E-MAIL CALLED "OPEN:VERY COOL! :) DELETE IT RIGHT AWAY. THIS VIRUS WILL BASICLY RENDER YOUR COMPUTER USELESS. YOU MUST PASS THIS ON QUICKLY AND TO AS MANY PEOPLE AS POSSLE!!!!! YOU MUST!
Subj: Internet Cleanup Day THIS MESSAGE WILL AGAIN BE REPEATED IN MID
FEBRUARY. *** Attention *** It's that time again! As many of you know,
each year the Internet must be shut down for 24 hours in order to allow
us to clean it. The cleaning process, which eliminates dead email and inactive
ftp, www and gopher sites, allows for a better working and faster Internet.
This year, the cleaning process will take place from 12:01 a.m.. GMT on
February 27 until 12:01 a.m. GMT on February 28 (the time least likely
to interfere with ongoing work). During that 24-hour period, five powerful
Internet search engines situated around the world will search the Internet
and delete any data that they find. In order to protect your valuable data
from deletion we ask that you do the following: 1. Disconnect all terminals
and local area networks from their Internet connections. 2. Shut down all
Internet servers, or disconnect them from the Internet. 3. Disconnect all
disks and hardrives from any connections to the Internet. 4. Refrain from
connecting any computer to the Internet in any way. We understand the inconvenience
that this may cause some Internet users, and we apologize. However, we
are certain that any inconveniences will be more than made up for by the
increased speed and efficiency of the Internet, once it has been cleared
of electronic flotsam and jetsam. We thank you for your cooperation. *****
Signature Removed *****
ZDNet's article "Bill Gates grubs for money...NOT!" released 12/3/97.
FROM: GatesBeta@microsoft.com ATTACH: Tracklog@microsoft.com/Track883432/~TraceActive/On.html Hello Everyone, And thank you for signing up for my Beta Email Tracking Application or (BETA) for short. My name is Bill Gates. Here at Microsoft we have just compiled an e-mail tracing program that tracks everyone to whom this message is forwarded to. It does this through an unique IP (Internet Protocol) address log book database. We are experimenting with this and need your help. Forward this to everyone you know and if it reaches 1000 people everyone on the list you will receive $1000 and a copy of Windows98 at my expense. Enjoy. Note: Duplicate entries will not be counted. You will be notified by email with further instructions once this email has reached 1000 people. Windows98 will not be shipped until it has been released to the general public. Your friend, Bill Gates & The Microsoft Development Team.
Disney Worldwide Services:
"There is no such product or offer made by Disney."
************************************************************* Hello Disney fans, And thank you for signing up for Bill Gates' Beta Email Tracking. My name is Walt Disney Jr. Here at Disney we are working with Microsoft which has just compiled an e-mail tracing program that tracks everyone to whom this message is forwarded to. It does this through an unique IP (Internet Protocol) address log book database. We are experimenting with this and need your help. Forward this to everyone you know and if it reaches 13,000 people, 1,300 of the people on the list will receive $5,000, and the rest will receive a free trip for two to Disney World for one week during the summer of 1999 at our expense. Enjoy. Note: Duplicate entries will not be counted. You will be notified by email with further instructions once this email has reached 13,000 people. Your friends, Walt Disney Jr., Disney, Bill Gates & The Microsoft Development Team. *******************************************************************
************************************************************* Hello: We here at Miller Brewing Company, Inc. would like to help bring in the new millennium for everyone. We like to think of ourselves as a progressive company, keeping up with our customers. We have found the best way to do this via the Internet and email. Combining these things, we would like to make a special offer to our valued customers: If this email makes it to 2,000,000 people by 12:00 PM on New Year's Eve of 1999, we will send a coupon for one six-pack of any of our Miller Brand beverages. In the event that 2,000,000 people are reached, our tracker/counter, embedded in this message, will report to us with the list of names and email addresses. Thereafter, each email address will be sent an electronic coupon which you can print out and redeem at any Miller Brand beverage carrying store. The coupons will be sent as soon as 2,000,000 people are reached, so the sooner, the better. Enjoy, and Cheers, Gary D. Anderson, Chief Marketing Director Miller Brewing Company, Inc. http://www.millerbrewing.com *************************************************************
Netscape and AOL have recently merged to form the largest internet company in the world. In an effort to remain at pace with this giant, Microsoft has introduced a new email tracking system as a way to keep Internet Explorer as the most popular browser on the market. This email is a beta test of the new software and Microsoft has generously offered to compensate those who participate in the testing process. For each person you send this email to, you will be given $5. For every person they give it to, you will be given an additional $3. For every person they send it to you will receive $1. Microsoft will tally all the emails produced under your name over a two week period and then email you with more instructions. This beta test is only for Microsoft Windows users because the email tracking device that contacts Microsoft is embedded into the code of Windows 95 and 98. I know you guys hate forwards. But I started this a month ago because I was very short on cash. A week ago I got an email from Microsoft asking me for my address. I gave it to them and yesterday I got a check in the mail for $800. It really works. I wanted you to get a piece of the action. You won't regret it.
Subject: FW: FREE clothes from GAP Everyone loves free stuff! Abercrombie & Fitch have recently merged to form the largest hottie outfitter company in the world! In an effort to remain at pace with this giant, the GAP has introduced a new email tracking system to determine who has the most loyal followers. This email is a beta test of the new clothing line and GAP has generously offered to compensate those who participate in testing process. For each person you send this e-mail to, you will be given a pair of cargo pants. For every person they give it to, you will be given an additional Hawaiian print T-shirt, for every person they send it to, you will recieve a fishermans hat! GAP will tally all the emails produced under your name over a two week period and then email you with more instructions. This beta test is only for Microsoft Windows users because the email tracking device that contacts GAP is embedded into the code of Windows 95 and 98. If you wish to speed up the "clothes receiving process" then you can email the GAP's P.R. rep for a free list of email addresses to try, at....gollygap@yahoo.com (this was forwarded to me, it's not me saying this...) I know you guys hate forwards, but I started this a month ago. A week ago, I got an email from the GAP asking me for my address I gave it to them yesterday and I got a box load of mechandise in the mail from the GAP!!!!! It really works! I wanted you to get a piece of the action, you won't regret it
Subject: Free Computer Equipment!!! Date: Monday, June 28, 1999 6:35 PM Hey, I just wanted to let you guys know about this great new PC I just got from IBM! Hewlett-Packard and Gateway have just merged to form the biggest computer supplier in the world! Bigger than Dell, bigger than IBM, bigger than them all! In response to this amazing merger, IBM has set aside 250,000 free computers to reward and keep it's most loyal and trusted customers! I've already got mine, read on to see how you can get yours!!! This email has a special encoding which will let IBM know every time you send it to one of your friends or relatives. The first 250,000 people who send this to at least 15 of their friends will receive a brand new IBM computer! After you send this to your friends, and qualify, IBM will contact you via email, and get your shipping address. Send them your address, and in a couple of days, a brand new computer, complete with printer, and 19" monitor is sitting on your doorstep! You must hurry, because this offer ends July 31 of this year! Here's the catch, though. Each of your friends must send this to at least 5 people or you won't be eligible, so choose your friends wisely! Remember, a true friend will send this along for you! That's all it takes,no strings attached! No purchase necessary!!! You don't even have to have previously purchased a computer from IBM! They want to earn or keep your future business, and they're willing to pay for it!!!
VIRUS WARNING !!!!!! If you receive an email titled "WIN A HOLIDAY" DO NOT open it. It will erase everything on your hard drive. Forward this letter out as many people as you can. This is a new, very malicious virus and not many people know about it. This information was announced yesterday morning from Microsoft; please share it with everyone that might access the Internet. Once again, pass this along to EVERYONE in our address book so that this may be stopped. Also, do not open or even look at any mail that says "RETURNED OR UNABLE TO DELIVER" This virus will attach itself to your computer components and render them useless. Immediately delete any mail items that say this. AOL has said that this is a very dangerous virus and that there is NO remedy for it at this time. Please practice cautionary measures and forward this to all your online friends ASAP.
************************************* IM SORRY GUYS>>I REALLY DONT BELIEVE
IT BUT SENDING IT TO YALL JUST IN CASE!!!!!!!!!!!! This is not a joke...if
you do not forward this e-mail to 20 other people............. your computer
will be a living hell thanks to one of our very own little ingenus viruses.
I repeat this is not a joke this virus will come to you only a week after
you open this piece of mail in a very undiscreet e-mail If you open this
e-mail after opening others, it just might come as a letter from your "buddy"
Watch out! You have one week.. starting now. If this virus gets in it won't
come back out. It will slowly delete 1 file a day from system IRQ files,
startup files and win 95 kernels for registery address {1593338-489h985}
Thank you for your time.......#:) hahahahaha SCREW YOU!!! *************************************
AOL RIOT JUNE 1, 1998 WARNING: You must forward this letter to 10 people or your account will be terminated on June 1, 1998. All recipients of this e-mail are being tracked. When you received this, when you forwarded it, who you forwarded it to, is all on record. We are AOL's most elite hacker group, known as LcW. We have hacked AOL's (easily infiltrated) systems on numerous occaisions. We have shut down AOL keywords, we can kick any AOL Staff member off for 24 hours, we have gained access to Steve Case's account, we have created AOL's most famous hacking programs (Fate X, HaVoK, HeLL RaIsEr, MaGeNtA) and we can certainly get your credit card info. However, if you send this to 10 people, like you are told, you will escape unharmed. We won't terminate your account and you will be able to continue using AOL. So if you know whats best for you, you will send this to 10 people as soon as possible. If you think we are bluffing....just wait till June 1, and see if you can sign or not. CAUTION: THERE WILL BE A VIRUS UPLOADED ON AOL'S MAIN SERVER ON JUNE 1, 1998. ANY USERS WHO HAVEN'T FORWARDED THIS MESSAGE WILL AUTOMATICALLY HAVE THE VIRUS DOWNLOADED INTO THEIR SYSTEM. WE SUGGEST YOU FORWARD THIS MESSAGE OR YOUR COMPUTER WILL BE FRIED. ***** Because of the outrage of AOL's increasing prices, LcW has decided to create a riot on May 1, that will cause havoc on AOL. We will be sending viruses out to thousands of AOL users. We will be terminating accounts. We will be hacking into Guide chat rooms and kicking guides offline. There will be no AOL Staff - just complete pandemonium. If you want to join this riot, we urge you to! You won't have to worry about being TOSed or Reported because there will be no Guides online! So do whatever you want - punt, scroll, tos, just turn AOL into a war zone! ***** LIST OF LcW HACKERS ON AOL We represent LcW The following Hackers will be co-ordinating the Riot and hacking AOL's mainframe computer, and uploading viruses into the system. WaReZxHaCk MaGuS ReDxKiNG HaVoK SkiD SeMeN NoStRa PhoneTap InetXWeb Psy Acid PoiSon iV PaUsE CooLant InFeRnO XStatic Chronic Burn Zone Degreez WaTcHeR ----- AOL RIOT ON JUNE 1, 1998 - You have been warned LcW is taking over America Online. This is not no f***ing joke either. You have been warned. ----- Where f*** is a common vulgar expletive.
************************************************************************************ From a former AOL employee: I'll try and cut through the crap, and try to get to the point of this letter. I used to work for America Online, and would like to remain anonymous for that reason. I was laid off in early September, but I know exactly why I was laid off, which I will now explain: Since last December, I had been one of the many people assigned to design AOL 4.0 for Windows (AOL 4.0 beta, codenamed Casablanca). In the beginning, I was very proud of this task, until I found out the true cost of it. Things were going fine until about mid-February, when me and 2 of my colleagues started to suspect a problem, an unexplainable 'Privacy Invasion', with the new version. One of them, who is a master programmer, copied the finished portion of the new version (Then 'Build 52'), and took it home, and we spent nearly 2 weeks of sleepless nights examining and debugging the program, flipping it inside-out, and here is what we found. Unlike all previous versions of America Online, version 4.0 puts something in your hard drive called a 'cookie'. (AOL members click here for a definition). However, the cookie we found on Version 4.0 was far more treacherous than the simple Internet cookie. How would you like somebody looking at your entire hard drive, snooping through any (yes, any) piece of information on your hard drive. It could also read your password and log in information and store it deep in the program code. Well, all previous versions, whether you like it or not, have done this to a certain extent, but only with files you downloaded. As me and my colleagues discovered, with the new version, anytime you are signed on to AOL, any top AOL executive, any AOL worker, who has been sworn to secrecy regarding this feature, can go in to your hard drive and retrieve any piece of information that they so desire. Billing, download records, e-mail, directories, personal documents, programs, financial information, scanned images, etc. Better start keeping all those pictures on a floppy disk! This is a totally disgusting violation of our rights, and your right to know as well. Since this is undoubtedly 'Top Secret' information that I am revealing, my life at AOL is pretty much over. After discovering this inform attain, we started to inform a few other workers at America Online, so that we could get a large enough crew to stop this from happening to the millions of unfortunate and unsuspecting America Online members. This was in early August. One month later, all three of us were unemployed. We got together, and figured there was something we had to do to let the public know. Unemployed, with one of us going through a divorce (me) and another who is about to undergo treatment for Cancer, our combined financial situation is not currently enough to release any sort or article. We attempted to create a web page on three different servers containing in-depth information on AOL 4.0, but all three were taken down within 2 days. We were running very low on time (4.0 is released early this winter), so we figured our last hope to reveal this madness before it effects the people was starting something similar to a chain letter, this letter you are reading. Please do the following, to help us expose AOL for who they really are, and to help us and yourself receive personal gratification for taking a stand for our freedom: 1. Forward this letter to as many people as you can (not just friends and family, as many as you can)! 2. Tell people who aren't on America Online in person, especially important people (Private Investigators, Government workers, City Council) 3. If the information about the new version isn't exposed by the time AOL is released early this winter, for your own protection, DON'T DOWNLOAD AOL 4.0 UNDER ANY CONDITION !!! Thank you for reading and examining this information. Me and my colleagues hope that you will help us do the right thing in this situation. Enjoy America Online (just kidding!). Regards, A former AOL employee ************************************************************************************
"Un ancien étudiant en informatique de Yale a plaidé coupable de fraude concernant AOL. AOL estime ses pertes entre 40000 et 70000 dollars en paiement de services à cause de la distribution du programme AOL4FREE à plusieurs centaines d'utilisateurs."ATTENTION l'utilisation du programme AOL4FREE.COM peut vous exposer à des poursuites légales.
(NDT: mais QUI peut avoir envie d'utiliser les "services" d'AOL, même gratuitement?? QUI???)
Le deuxième élément est l'alerte au faux virus
AOL4FREE . Il circule sur le Net sous la forme suivante qui prévient
d'un sois disant risque d'infection par E-mail...
************************************************************************************
VIRUS ALERT!!! DON'T OPEN E-MAIL NOTING "AOL4FREE" Anyone who receives
this must send it to as many people as you can. It is essential that this
problem be reconciled as soon as possible. A few hours ago, I opened an
E-mail that had the subject heading of "AOL4FREE.COM". Within seconds of
opening it, a window appeared and began to display my files that were being
deleted. I immediately shut down my computer, but it was too late. This
virus wiped me out. It ate the Anti-Virus Software that comes with the
Windows '95 Program along with F-Prot AVS. Neither was able to detect it.
Please be careful and send this to as many people as possible, so maybe
this new virus can be eliminated. ************************************************************************************
Plusieurs problèmes identifient ce message comme étant faux..
Pour qu'un virus se propage il doit être executé. Lire un mail ne suffit pas pour une activation. Des virus ou des Chevaux de Troie on déjà été envoyés comme fichier joint à des mails mais doivent être exécutés pour pouvoir travailler et faire des dommages. Même un macro virus Word à besoin que le fichier Word soit ouvert par Word pour pouvoir être activé...
Bien que ce message soit un faux, les faits décrit peuvent être déclenchés par un Cheval de Troie, à la condition que le lecteur exécute le fichier joint contenant le cheval de troie. En fait cela a été réalisé comme expliqué ci-dessous.
Le troisième élément est Le cheval de Troie AOL4FREE.COM .Ce programme ce présente comme s'il était de programme AOL4FREE permettant l'accès gratuit à AOL (bien que ce soit un programme DOS et non pas Mac) mais il n'est en fait qu'un simple exécutable DOS qui lance la commande DOS DELTREE sur la racine du disque dur C: sur toute machine DOS ou Windows. La commande DELTREE efface tous les fichier dans un dossier, en incluant le dossier lui même ainsi que tous les sous dossiers présents dans le dossier initial. L'effet final est l'effacement total de toutes les données du disque dur C: des machines DOS/Windows
Si vous rencontrez ce programme, quelle qu'en soit la source, NE L'EXÉCUTEZ PAS. Pour plus d'informations voir le bulletin CIAC H-47a: AOL4FREE.COM Trojan Horse Program Destroys Hard Drives.
Le CIAC vous recommande de TOUJOURS vérifier tous les fichiers
que vous téléchargés avec un anti-virus. ATTENTION!!
la plupart des chevaux de Troie ne sont pas détectés par
les anti-virus, soyez toujours très prudents avant d'exécuter
un programme téléchargé surtout si sa source vous
est inconnue...
C'est une variante de la cyberlégende historique sur la taxe
sur les modem... La dernière version est apparue le 6 novembre 1996
basée, apparemment, sur un reportage de CNN. Les versions les plus
anciennes désignaient la FCC comme le grand méchant de l'histoire
puis ce fut le tour du gouvernement américain et enfin celui du
congrès américain...
Déclaration de la FCC :
"La FCC n'a pas l'intention de mettre en place un système de paiement à la minute pour l'accès a Internet ni de mettre en
place aucun changement sur la façon par laquelle les internautes peuvent se connecter au Net...
(NDT: en France, cette taxe existe bel et bien et s'appelle France Télécom. Cette cyberlégende particulière est
malheureusement bien réelle chez nous...)
******************************** Date: Wednesday, January 06, 1999 10:03 PM Looks like Congress has found another way to tax us. There is a new bill in US Congress that will be affecting all Internet users. You might want to read this and pass it on. CNN stated that the government would in two weeks time decide to allow or not allow a charge to your (OUR) phone bill each time you access the internet. Please visit the following URL and fill out the necessary form! The address is http://www.house.gov/writerep/ If EACH one of us, forward this message on to others in a hurry, we may be able to prevent this from happening! (Maybe we CAN fight the phone company!) *********************************This alert is a hoax. The earliest electronic version of it, which does not urge any particular action but merely reports and comments on the story, appeared on Usenet on Nov 06, 1998. Appearing under the thread "INTERNET PER MINUTE FEES COMING?" on the ba.internet news group, it cited a CNN story aired that same day. A later version, urging everyone to contact Congress, appeared on Nov 18, 1998 in a different news group and referenced an FCC release dated Oct 30, 1998 as the source of the CNN story. The actual FCC proceeding which apparently set off this mushrooming flurry of alerts dealt with the 'reciprocal billing' issue, which relates to charges for interconnectivity between various telcos.
In reaction to it, the FCC issued an official statement of December, 1998, which can be found at <http://www.fcc.gov/Bureaus/Common_Carrier/Factsheets/nominute.html>. This publication restates that the reciprocal billing issue does not include any proposal to have metered billing of any sort by the telcos for internet usage.
Reputable organizations producing legislative alerts will include some basic information which will assist the reader in determining how and when to respond. Most if not all of this information was missing from this spurious alert.
1) Congress does not vote as a single body. Any alert should name the specific body (House or Senate) scheduled to vote to whom letters/email should be sent. It will also indicate whether this is in front of a committee, and which committee, or that it is set for a floor vote.
2) At a minimum, a specific bill number will be cited such as S.1615 or H.R.3888. The reader can then check the Congressional bill status web site <http://thomas.loc.gov> to determine the precise current status of the bill before writing to your member of Congress about it.
3) A specific alert date, and a deadline date for responses, will be included to help in determining whether the alert is stale.
4) A legitimate alert will say exactly what is wrong with (or right with) the bill, possibly even citing a specific section. Check the language of the bill on Thomas to ensure that amendments to the bill in between the time the alert went out and the time that you're reading it haven't changed it to the point where the alert is no longer relevant.
It should also be noted that this alert began making its rounds after the 105th Congress had adjourned. Although the House of Representatives came back into a lame duck (post election) session to consider the issue of impeachment of the president, no other issues were considered. And the Senate did not reconvene at all. The 106th Congress was officially convened in early January, 1999. At the time the new Congress is seated at the beginning of every odd numbered year, all bills not enacted into law by the end of the previous Congress are swept away. The new Congress starts over with a clean slate, introducing entirely new bills which must make their way through the entire legislative process. A legislative alert from 1998 is null and void in January, 1999, whether it was spurious at the time or not.
Charles Oriez coriez@netone.com National Legislative Chair Association of Information Technology Professionals <http://www.aitp.org>
Voici une variante de la précédente, cette fois ce sont les E-mails qui seraient taxés ... Celle ci inclut une décharge du journal 'The Washingtonian' à l'adresse suivante : http://www.washingtonian.com/about/emailhoax.html ******** Dear Internet Subscriber: Please read the following carefully if you intend to stay online and continue using e-mail: The last few months have revealed an alarming trend in the Government of the United States attempting to quietly push through legislation that will affect your use of the Internet. Under proposed legislation (Bill 602P) the U.S. Postal service will be attempting to bilk email users out of "alternative postage fees". Bill 602P will permit the Federal Govt. to charge 5 cents surcharge on every email delivered, by billing Internet Service Providers at source. The consumer would then be billed inturn by the ISP. Washington D.C. lawyer Richard Stepp is working without pay to prevent this legislation from becoming law. The U.S. Postal Service is claiming that lost revenue due to the proliferation of email is costing nearly $230,000,000 in revenue per year. You may have noticed the recent ad campaign "There is nothing like a letter". Since the average citizen received about 10 pieces of email per day in 1998, the cost to the typical individual would be an additional 50 cents per day, or over $180 per year, above and beyond their regular Internet costs. Note that this would be money paid directly to the U.S. Postal Service for a service they do not even provide. The whole point of the Internet is democracy and non-inerference. If the Federal Govt. is permitted to tamper with our liberties by adding a surcharge to e-mail, who knows where it will end. You are already paying an exorbitant price for snail mail because of bureaucratic inefficiency. It currently takes up to 6 days for a letter to be delivered from New York to Buffalo. If the U.S. Postal Service is allowed to tinker with email, it will mark the end of the 'free' Internet in the United States. One congressman, Tony Schnell (R) has even suggested a "twenty to forty dollar per month surcharge on all Internet service" above and beyond the government's proposed email charges. Note that most of the major newspapers have ignored the story, the only exception being the Washingtonian which called the idea of email surcharge "a useful concept whose time has come" (March 6th 1999 Editorial) Don't sit by and watch your freedoms erode away! Send this email to all Americans on your list and tell your friends and relatives to write their congressman and say "No!" to Bill 602P Kate Turner assistant to Richard Stepp Berger, Stepp and Gorman Attorneys at Law 216 Concorde Street, Vienna, VA. ********
Récemment le site Blue Mountain Cards a été la cible de fausses alertes indiquant que l'ouverture d'une carte de voeux provenant de leur site était susceptible de planter les système de l'ordinateur effectuant cette opération. Ces allégations son totalement fausses et non fondées. Ci-dessous le communiqué du directeur exécutif de Blue Mountain Cards. Jared Schutz, Executive Director Blue Mountain Arts "It is very frustrating and difficult for us to dispel these rumors, but please help us in doing so by passing this email along to your friends and spreading the word that there is no way that bluemountain.com can spread a virus. Our electronic greeting cards are simply web pages that you view with your browser. Our email notifications are only text messages without any attached files. When someone sends or receives cards from our site, they do not actually download to their computer any file that might contain a virus. We are worried that these rumors are hurting our free card efforts, and hope that you can help us set the record straight." http://www1.bluemountain.com/home/hoax.html
L'E-mail original intitulé "It Takes Guts to Say 'Jesus'" est une pale imitation de nombreuses cyberlégendes déjà anciennes. Sa dernière incarnation est apparue après l'infection du virus "melissa"... Voici la dernière version connue, circulant sur le Net. **************************************** If you receive an email titled "It Takes Guts to Say 'Jesus' DO NOT OPEN IT. It will erase everything on your hard drive. This information was announced yesterday morning from IBM; AOL states that this is a very dangerous virus, much worse than "Melissa", and that there is NO remedy for it at this time. Some very sick individual has succeeded in using the re-format function from Norton Utilities causing it to completely erase all documents on the hard drive.It has been designed to work with Netscape Navigator and Microsoft Internet Explorer.It destroys MacIntosh and IBM compatible computers. This is a new, very malicious virus and not many people know about it. Pass this warning along to EVERYONE in your address book and please share it with all your online friends ASAP so that this threat may be stopped. Please practice cautionary measures and tell anyone that may have access to your computer. Forward this warning to everyone that might access the internet ****************************************
Attention!!!! DEFIEZ VOUS DES GRECS (Greeks) PORTANT DES CADEAUX ! ATTENTION ! ATTENTION !!! ATTENTION!! Si VOUS RECEVEZ UN CADEAU RESSEMBLANT A UN TRÈS GRAND CHEVAL EN BOIS NE LE CHARGEZ PAS!!!!! IL EST EXTREMEMENT DESTRUCTEUR ET EFFACERA VOTRE CITEE TOUTE ENTIERE !!!!! Le "cadeau" se présente sous la forme d'un très grand cheval de bois d'à peu près deux étage de haut et semble être abandonné. Ne le laisser PAS passer les portes de votre citée!!! Il contient des éléments incompatibles avec la programmation troyenne, dont une foule de guerriers grecs lourdement armés qui détruiront votre armée, pillerons votre ville, et tueront vos femmes et vos enfants. Si vous avez déjà reçu un tel présent NE L'OUVREZ PAS!!! Amenez le hors des murs de la citée sans l'avoir ouvert et brûlez le sur la plage. Envoyez ce message à tous ceux que vous connaissez! POSEIDON (NDT : un geek est le surnom donné aux USA aux jeunes obsédés des ordinateurs et d'internet)
La société Nstorm (http://www.nstorm.com ) a été la victime d'une chaîne de lettres prétendant que 2 de leur jeux distribués sur Internet étaient infectés par un virus. Le message ne précise pas de quel type est le code infectieux. Voici une déclaration de Nick Schoeneberger de Nvision Design, Inc., le développeur des jeux en question.
SUBJ: Really Nasty Virus AREA: GENERAL (1) I've just discovered probably the world's worst computer virus yet. I had just finished a late night session of BBS'ing and file treading when I exited Telix 3 and attempted to run pkxarc to unarc the software I had downloaded. Next thing I knew my hard disk was seeking all over and it was apparently writing random sectors. Thank god for strong coffee and a recent backup. Everything was back to normal, so I called the BBS again and downloaded a file. When I went to use ddir to list the directory, my hard disk was getting trashed again. I tried Procomm Plus TD and also PC Talk 3. Same results every time. Something was up so I hooked up to my test equipment and different modems (I do research and development for a local computer telecommunications company and have an in-house lab at my disposal). After another hour of corrupted hard drives I found what I think is the world's worst computer virus yet. The virus distributes itself on the modem sub- carrier present in all 2400 baud and up modems. The sub-carrier is used for ROM and register debugging purposes only, and otherwise serves no othr (sp) purpose. The virus sets a bit pattern in one of the internal modem registers, but it seemed to screw up the other registers on my USR. A modem that has been "infected" with this virus will then transmit the virus to other modems that use a subcarrier (I suppose those who use 300 and 1200 baud modems should be immune). The virus then attaches itself to all binary incoming data and infects the host computer's hard disk. The only way to get rid of this virus is to completely reset all the modem registers by hand, but I haven't found a way to vaccinate a modem against the virus, but there is the possibility of building a subcarrier filter. I am calling on a 1200 baud modem to enter this message, and have advised the sysops of the two other boards (names withheld). I don't know how this virus originated, but I'm sure it is the work of someone in the computer telecommunications field such as myself. Probably the best thing to do now is to stick to 1200 baud until we figure this thing out. Mike RoChenleCette description d'un faux virus déclenchat une réponse humoristique de la part de Robert Morris III :
Attention!!! Il existe un nouveau virus qui est pire que tout ce que nous avons pu voir juste ici! Il se propage par les lignes de courant, chevauchant les porteuses à 50 Hz. Il change les câblages des ports série et inverse le sens de rotation des disques durs. Plus de 300.000 systèmes ont été touchés uniquement à Murphy dans le Dakota Occidental. Et ce dans les dernières 12 minutes!! Ce virus s'attaque aux systèmes DOS, Unix, TOPS-20, Apple-II, VMS, Multics, Mac, RSX-11, ITS, TRS-80 and les magnétoscopes VHS. Pour vous protéger de ce virus : 1) N'utilisez pas les lignes électriques 2) N'utilisez pas de piles non plus, une rumeur indique que les pôles positifs sont infectés aussi et ce, dès la conception, dans des usines touchées par le virus (vous pouvez, par contre, utiliser les pôles négatifs seuls) 3) Ne Téléchargez ni ne transmettez aucun fichier. 4) Ne sauvegardez aucun fichier sur disquettes ou sur disque dur. 5) Ne lisez aucun messages, PAS MÊME CELUI-LA!!! 6) N'utilisez pas vos port série, modem, ou lignes téléphonique. 7) N'utilisez pas de clavier, d'écran ou d'imprimante. 8) n'utilisez pas de mémoire, de processeur, de commutateur ou de mainframe. 9) N'utilisez pas de lumières électrique, de chauffage électrique ou au gaz d'air conditionné, d'eau courante, n'écrivez pas, n'utilisez pas de feu, de vêtement ou de roue... Je suis sur que si nous faisons bien attention à suivre ces 9 règles simples ce virus pourra être éradiqué et les précieux fluides de nos ordinateurs resteront purs. ---RTM IIIDepuis ce jour les fausses alertes au virus ont inondés le Net. Avec des milliers de virus dans le monde, la paranoïa de la communauté est montée à un niveau très élevé. C'est cette paranoïa qui alimente les cyberlégendes. Un bon exemple de ce comportement est la cyberlégende du virus "good times" qui à débuté en 1994 et qui circule encore aujourd'hui. Plutôt que de dépendre d'ordinateurs et de liaisons pour ce propager, "good times" utilise un vecteur bien plus puissant : la peur et et la crédulité...
1) Un langage sonnant technique
2) Crédibilité par association.
Si l'alerte utilise un jargon technique approprié, la plupart des personnes, même les personnes familières avec les ordinateurs, tendent à penser que l'alerte est réelle. Par exemple dans l'alerte "good times" on peut lire que "si le programme n'est pas arrêté, le processeur de l'ordinateur sera placé dans une boucle binaire infinie de la Nième complexité qui risque d'endommager gravement le processeur..." . La première fois que quelqu'un lit cela, cela sonne très "techniquement" vrai.Après un minimum de recherche on s'aperçoit qu'il n'existe pas de boucle binaire infinie de la Nième complexité et que les processeurs sont prévus pour tourner en boucle pendant des semaines sans aucun dommage possible...
Quand on parle de crédibilité par association, nous faisons référence à la source de l'alerte. Si le concierge d'un grande boite technologique envoie une alerte à l'extérieur, les personnes recevant cette alerte auront tendance à la croire parce que cette organisation "sait ces choses là..." alors que la personne envoyant le message peut très bien n'avoir aucune connaissance sur ce sujet là. C'est le prestige de la boite qui rend l'alerte plausible. Si c'est un manager connu de la boite qui est à l'origine du message l'effet est encore plus grand...
Le fait qu'une alerte demande à être retransmise à un maximum de personnes et d'amis dénote en général une fausse alerte.
Un autre détail indiquant une fausse alerte est la citation de la FCC comme source du message. La FCC ne donne pas d'alerte virus, ce n'est pas son boulot...
Une alerte sans signature ou dont la signature est douteuse est probablement fausse.
En ce qui concerne la véracité des chaîne de lettres sur Internet voyez le site suivant :
http://ciac.llnl.gov/ciac/CIACChainLetters.html.
De plus, la plupart des compagnie fabricant des anti-virus ont une page web contenant des informations sur la plupart des virus connus et des cyberlégendes Vous pouvez également vérifiez le site web de la compagnie produisant le produit qui est sensé contenir un virus. Par exemple vérifier le site de PKWARE permettrait d'arrêter la cyberlégende de PKZ300, puisqu'il n'existe pas de version 3 de PKzip...Un autre site utile est la "Computer Virus Myths home page" (http://www.kumite.com/myths/) qui contient la description de nombreuses cyberlégendes. Dans la plupart des cas un peu de bon sens suffit à détecter les cyberlégendes...
