*HCS* Virus Voyeurism
Paul A. Gusmorino 3rd
pgusmor at fas.harvard.edu
Thu Aug 2 23:57:44 EDT 2001
This may be old news to some of you, but I just learned about it. I keep
getting these dumb "I send you this file in order to have your advice" email
virus messages and I just realized today that the file that they send you is
not only a copy of the worm itself, but also a file from the computer of the
victim with the worm attached to it.
If you open up the attachment in your favorite text editor (a.k.a. BBEdit)
and scroll past the binary junk, you'll get to the content of the person's
file. So far today I've received someone named Angela Vlahadamis's private
business correspondence and a student's outline for a paper about the
Spanish Inquisition. If only I had known earlier, I could have peered into
more than a dozen other people's private lives... ;-)
The worm grabs not only email addresses from the victim's address book, but
also from their IE cache, so if the user recently visited a web site with
your email address on it, you'll get an email, too, so these people are
often total strangers.
Anyway I thought this was interesting because it raises really complicated
issues about information and privacy on the Internet...
More information about the hcs-discuss