Lively discussions on the graphic arts and publishing — in print or on the web

Warning: My Thunderbird just got "spowned"
Posted by curveto, 04-26-2012, 08:29 PM (post #1)

Like that? I just made it up. SPAM. Owned. Spowned.

Anyhow, I've spent the better part of two days now watching my speedy laptop do essentially nothing as I scanned it with multiple "offline" virus detect / removal tools (from MS and Kaspersky to be exact).

Why? You ask?

Because some baddy targeted some SPAM (with an evil payload) at my Yahoo mail account. Did I click on it? Why, no in fact I did not. Yahoo dropped it in my Bulk / Spam folder and the process of EMPTYING the folder (which requires selection) in the latest and greatest Thunderbird managed to let them run an exploit that a) took Thunderbird down and b) dropped a specially crafted "profile" in Thunderbird's AppData/ work space.

ALL of this activity made it past Security Essentials, btw.

When I subsequently launched Thunderbird, I noticed my UI was acting a bit odd (I now know that the special profile was actually CHECKING email and then pulling down attachments, etc. as if it were me). I immediately started getting all manner of Spam messages targeted at my email account (guess why).

CLUE: If you (like me, now) suddenly start to get all manner of spam, take that as a clue that mayhaps someone has phoned home (from your box!) to put out a call to "send in the reinforcements!"

Thinking something was odd (like my box was rooted) I ran Security Essentials *Offline* version and lo and behold, WAAAAAAAY at the end of the file system search what does she find? ...a gaggle of really horrendous tools offering up all manner of access to/from my box. They were harder than snot to get rid of too. But I appear to have gotten all of them.

I also removed Thunderbird from my system so the crap that continues to arrive in my email account has no means to re-establish a beach landing.

Just sharing with some of my kinfolk,
All times are GMT -8.