Gandi.net Groups

Blog General: Re: virus?


On Apr 13, 2007 17:05 CEST, random name here wrote:
I believe that there is this virus that spreads by hijacking the user's
MSN and opening a dialog box to all online contacts. It sends a
message to the contacts saying something along the line of "hey is
this u in the picture??" and it gives a URL
http://www.hothotpeople.net/photo8.com. After the virus sends the
message to all of the contacts the computer freezes up and has to be
restarted. After which if the user tries to open MSN again it freezes
the computer. It also is using a lot of the user's CPU power. Most
people would not realize that the photo8.com "picture" is not actually
a web site; it's another form of executable (.com). I pinged the URL
http://www.hothotpeople.net and it gave me an IP address of
217.70.184.38 and then I did a whois search of the address and that
led me to this site. I believe that this website is hosting some kind
of malware at that location. If the file was removed then the virus
would not be able to spread to any more people because the link in the
message would be invalid. Please investigate this and take appropriate
action based on your investigation.

Sincerely, random name here

______
Thank you for bringing this to our attention.

As a word of general internet hygiene, if you have a link to a virus
*don't* include the full link in a mail, because people will click on
it and then download the virus! We are on Linux, so we won't be
affected, but not everyone is out there... :)

I have contacted the owner of the domain and assured that there are no
longer any contaminants being sent from the domain.

If you notice any other examples of abuse please send your complaints to
abuse@gandi.net, and provide as much evidence as possible (fake whois,
example of code, screenshots, etc...)  

Best regards,
Ryan
http://www.gandi.net/
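
Added example, not part of the original thread: a small triage helper that flags a link whose file name ends in an executable extension (the ".com" disguise described in the report) and defangs the URL so it can be pasted into an abuse complaint without being clickable. The sample URL, the extension list and all function names are constructed for illustration.

```python
from urllib.parse import urlsplit
import posixpath

# Extensions Windows runs directly (constructed, non-exhaustive list).
EXECUTABLE_EXTS = {".com", ".exe", ".scr", ".pif", ".bat", ".cmd"}

# Constructed sample modelled on the lure in the report; not a real address.
SAMPLE = "http://photos.example.net/photo8.com"


def path_executable_ext(url):
    """Return the executable extension of the URL's last path segment, or None."""
    name = posixpath.basename(urlsplit(url).path)
    ext = posixpath.splitext(name)[1].lower()
    return ext if ext in EXECUTABLE_EXTS else None


def defang(url):
    """Rewrite scheme and host so mail clients and forums do not render a live link."""
    parts = urlsplit(url)
    scheme = parts.scheme.replace("http", "hxxp")
    host = parts.netloc.replace(".", "[.]")
    rest = parts.path + ("?" + parts.query if parts.query else "")
    return f"{scheme}://{host}{rest}"


def triage(url):
    """Summarise a reported link for an abuse complaint."""
    ext = path_executable_ext(url)
    return {
        "defanged": defang(url),
        "executable_ext": ext,
        # A file named "something.com" reads like a web site but is a DOS/Windows executable.
        "dotcom_lure": ext == ".com",
    }


if __name__ == "__main__":
    print(triage(SAMPLE))
```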