[CentOS] Did you ID this spam? what does it do? Does it have a name?

Mon Apr 18 09:43:14 UTC 2011
Ljubomir Ljubojevic <office at plnet.rs>

Steven Vishoot wrote:
> 
> 
> 
> ----- Original Message ----
>> From: Ljubomir Ljubojevic <office at plnet.rs>
>> To: CentOS mailing list <centos at centos.org>
>> Sent: Mon, April 18, 2011 3:20:11 AM
>> Subject: Re: [CentOS] Did you ID this spam? what does it do? Does it have a 
>> name?
> 
>>>>  Steven:
>>>>
>>>> Did you ID this spam? what does it do? Does it  have a  name? I am an admin 
>> for 
>>
>>>> an 
>>>>
>>>>  email list and someone got infected and now I'm  seeing this. 
>>>>
>>>> I warned her, but if you found the offending machine  and 
>>>> cleaned it off, I would like to know:
>>>>
>>>>  What OS it was running
>>> windows xp sp3
>>>
>>>>  What  Antivirus / anti malware software you used
>>> I use  AVG
>>>
>>>> What the AV software said about  this (name of  virus/malware, etc)
>>> it was Trojan hoarse / Agent.F
>>>
>>>>  What the malware _does_ if known
>>> N/A
>>>> If the   AV treatment  worked...
>>> Do you see spam anymore???
>>>
>>> and to answer the other question. it was window computer but web based  email 
>>> client.
>>>
>> Are you telling me that trojan  manipulated webmail account??? Hm, I 
>> think it might be Chat client (Live  Messenger, Yahoo, etc.) rather then 
>> mail client itself, in that  case.
>>
>> Ljubomir
>> _______________________________________________
>> CentOS  mailing list
>> CentOS at centos.org
>> http://lists.centos.org/mailman/listinfo/centos
> 
> 
> no telling you that trojan manipulated computer that was logged onto webmail 
> because centos list only goes to a webmail account. do not have any of those 
> chat client on computer do not like them will not put them on. Lets just do one 
> thing and let this drop it does not need to keep on going on list since it is 
> not a centos or linux related thread. thank you.
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos
> 
> 

I will conclude this topic with this warning:

I am afraid it might be little more serious then that, at least for you:

"This description is for a password stealing trojan which attempts to 
steal user information for certain online games.

The characteristics of this password stealer with regards to passwords 
stolen, sites accessed, files downloaded etc will differ, depending on 
the way in which the attacker had configured it. Hence, this is a 
general description."

So there is high possibility that your password for that webmail account 
(and who knows what else) has been stolen, and owner of the Trojan 
logged in by himself and he sent the mail to this list.

Ljubomir