[plug] Mozilla Mail and virus

[Craig Ringer]

> - These days, clueless journos use "virus" for a whole buch of things 
> which dont fit the viral analogy, so the word doesnt mean much anymore.
> 
> - Many recent "viruses" would be better described as trojans - ie programs 
> that a user is tricked into running. They may propagate by e-mail.

Recently we've been getting a lot of hybrid worm/trojans, often with a 
virus payload. They attack MS Outlook / Outlook Express like a worm. The 
message they mass-mail is crafted to try to trick users into opening it, 
trojan style. If either attack method works, they'll mass-mail 
themselves to propagate and then sometimes infect files on the user's PC 
with a virus. Sometimes the virus even carries a copy of the worm so it 
can propagate later at its leasure. Sometimes its just a damaging payload.

I think these do qualify as a worm, after all the user never even /sees/ 
the message until after its done the damage, they have no involvement 
beyond checking their mail. Often they don't need to even do that (auto 
mail check enabled) and the worm spreads without any human intervention. 
I'd say that outlook worms are a sub-class of normal worms really.

Feindishly complex really, and they're only getting worse with the 
addition of multiple attack vectors (eg spreads over SMB network and 
mass-mailing).

Heh. Just got another copy of the "snow white" mass-mailing trojan. 
*sigh*. People really are very, very stupid aren't they?

Craig