Talbert Pipes- Some info on today's virus emails

Trever Talbert trever at talbertpipes.com
Fri Oct 29 20:23:10 EDT 2004


Hello!  Rather than reply to all the individual emails I've gotten on the 
two virus emails that went out today, I'll simply try to fill everyone on 
the mailing list in on what happened.  The short answer at the moment is 
that I don't know yet.  Earlier today, two emails infected with the W32 
Beagle virus were sent to everyone on the Talbert Pipes mailing list.  The 
list is not kept on my computer or managed here, but rather at Pair 
Networks, our website host provider.  As soon as I noticed the virus emails 
(I get copies of all notices I send out, just as a precaution), I ran a full 
virus scan on this PC (I use Norton and double-checked with Trend Micro's 
online scan as well, plus always run firewalled, plus Spybot also just in 
case!) and found nothing.  I've also run Symantec's specialized 
scan-and-remove tool for this specific worm, again with no results.  At this 
point, my best guess is that someone managed to hack into the mailing list 
on the Pair server and "hijacked" it that way, rather than the email 
originating from here...  or, possibly they managed to spoof my originating 
email so that the automated server list believed the emails had come from 
me, and passed them on accordingly.  I changed the mailing list passwords 
and have emailed Pair to ask about any security problems they may have had, 
but I don't expect to hear back immediately.  There is no vital or personal 
data of any kind kept on this server, so there is no risk of anyone's 
personal information being compromised (I don't keep bank card details on 
record at all unless specially requested to, and then they are kept only on 
paper record that's well-hidden).  I NEVER send attachments by the email 
list, so any list email with an attachment should be deleted.  I hope this 
hasn't caused anyone any distress.  This is a fairly old worm now and most 
ISPs and anti-virus clients guard against it.  Anyone experiencing problems 
can easily remove any infected file by using Symantec's free utility, posted 
here:
http://securityresponse.symantec.com/avcenter/venc/data/w32.beagle.a@mm.html?Open
I'm very sorry this has been a problem, and obviously given the press to 
finish the last Halloween pipes, it couldn't have happened at a worse time. 
Regarding the Halloween pipes, we are working round the clock and will post 
ASAP, and email a notice when they go up.
Happy smoking,
Trever Talbert
http://www.talbertpipes.com 



More information about the TalbertPipes mailing list