Tilted Forum Project Discussion Community  

Old 04-06-2005, 09:53 AM   #1 (permalink)
Psycho
 
 
Location: io-where?
Sdbot? wtf!

I just got this brutal email from our local Resnet folks on campus:

Quote:
Your computer is exhibiting symptoms of being infected with sdbot-

<http://securityresponse.symantec.com/avcenter/venc/data/backdoor.sdbot.s.html>
Sdbot is a trojan, which is different from run-of-the-mill viruses in
that someone, somewhere can have complete control of your machine
whenever they wish. Why can't I just remove the virus? Well...
The problem with just cleaning up is that the machine has potentially
been under the complete control of someone else. You *can't* know what
else may have been done to the machine, nor what else may have been
installed. Examples of things that *could* have been placed on the
machine include sniffers, keystroke loggers, backdoor services,... The
list is endless. Removing the sdbot files won't touch any other
malware on the machine. Personal information, such as credit card
numbers, passwords, etc. are also in jeopardy while using a computer
infected with sdbot.
As a result of the infection, your network connection has been
disabled. In order to restore Internet access you will need to reformat
your computer using the instructions at our website-
Once you have reformatted, reply to this e-mail address stating you
have reformatted and give your first and last name and your connection
can be re-enabled.
After your connection is re-enabled, make sure you have the
University's anti-virus software installed-

Also, you will want to visit Windows Update and download all critical
patches-

-ResNet Staff
And my question is a pretty simple one. How the hell did I get an sdbot trojan? I never download anything, my computer is password protected, and I only visit a select few sites. For those of you who have read anything about my current roommate problems, I was wondering if there is a way to use a boot disk or something to give me an sdbot trojan. Because I honestly don't know how I could have gotten it any other way!
__________________
the·o·ry - a working hypothesis that is considered probable based on experimental evidence or factual or conceptual analysis and is accepted as a basis for experimentation.
faith - Belief that does not rest on logical proof or material evidence.
- Merriam-Webster's dictionary
Fourtyrulz is offline  
Old 04-06-2005, 02:43 PM   #2 (permalink)
Devils Cabana Boy
 
 
Location: Central Coast CA
There is a new variant of it out just recently; it is not known by antivirus definitions yet. I’m dealing with it at work right now; as soon as I isolate it I'll ship it off to the proper channels.

To answer your question, Trojans gain access through exploits in the system. This Trojan uses a yet unknown exploit; it is being worked on. It gets in through the network.
__________________
Donate Blood!

"Love is not finding the perfect person, but learning to see an imperfect person perfectly." -Sam Keen
Dilbert1234567 is offline  
Old 04-06-2005, 03:05 PM   #3 (permalink)
Psycho
 
 
Location: Firefox yourself and change the world!
Not to take away from the post, I just love the quote on their message:

As a result of the infection, your network connection has been
disabled. In order to restore Internet access you will need to reformat
your computer using the instructions at our website-
Once you have reformatted, reply to this e-mail address stating you
have reformatted and give your first and last name and your connection
can be re-enabled.

If they have disabled your network connection, how are you supposed to visit their website and get the information on formatting your system to their specs?
__________________
I'll make ya famous!
shadowalker is offline  
Old 04-06-2005, 03:10 PM   #4 (permalink)
Crazy
 
Location: Georgia Southern University
Yeah, I thought it looked pretty shady myself. I'd call the people and make sure this isn't some BS "teddy bear virus" style e-mail. These virus hoax e-mails pose as serious a threat as a real virus.
__________________
I will not walk so that a child may live!
- Master Shake
P-Naughty is offline  
Old 04-06-2005, 04:13 PM   #5 (permalink)
Darth Papa
 
 
Location: Yonder
Quote:
Originally Posted by shadowalker
If they have disabled your network connection, how are you supposed to visit their website and get the information on formatting your system to their specs?
For that matter, how are you supposed to get this email?
ratbastid is offline  
Old 04-06-2005, 07:17 PM   #6 (permalink)
Tilted
 
 
I had the same problem before, but my internet company didn't even tell me I have a virus; they just cut me off. After two days of no internet I called Rogers and asked why my internet was down. I talked to three different people and didn't find out anything; I was just told they would look into it. A week and a half later, after calling a few times, I found out from them that I had a trojan and that they had removed my internet. After fixing the problem I called and hooked it back up, and what do I see in my inbox? Two emails from them saying that I had a trojan and they were shutting me down, both mailed after they had cut me off. The best part is they made me pay for the time I was cut off! Good old Rogers.
spillblood is offline  
Old 04-06-2005, 08:02 PM   #7 (permalink)
Psycho
 
 
Location: io-where?
Quote:
For that matter, how are you supposed to get this email?
That's the first thing that I thought too. But luckily here on campus there's no shortage of computer labs, so I just ran downstairs to check my email and there it was. It's perfectly legit too, just last month I had to help a friend reformat his computer after getting a similar email.

Dilbert,
Doesn't this kind of stuff just piss you off? I have 2 firewalls and Symantec antivirus, which is managed by the university's ResNet, yet I still managed to get some lame ass trojan. The way I see it, they screwed up, not me!
__________________
the·o·ry - a working hypothesis that is considered probable based on experimental evidence or factual or conceptual analysis and is accepted as a basis for experimentation.
faith - Belief that does not rest on logical proof or material evidence.
- Merriam-Webster's dictionary
Fourtyrulz is offline  
Old 04-06-2005, 08:08 PM   #8 (permalink)
Devils Cabana Boy
 
 
Location: Central Coast CA
Yeah, it sucks. It's really obvious what systems are doing it; we can find them in under 30 sec of looking, they are spamming like crazy.

Basically they are right: the trojan gives outsiders full control. Remove all important files and reformat the thing.
__________________
Donate Blood!

"Love is not finding the perfect person, but learning to see an imperfect person perfectly." -Sam Keen
Dilbert1234567 is offline  
Old 04-08-2005, 05:32 PM   #9 (permalink)
Crazy
 
I once got hit with one of those. It was a bitch to remove..
d3cemberist is offline  
 
