Tuesday, September 13, 2005

The Mac Support Store Supporting The Spread Of Viruses!

...

Late last week I reported on a PC based email virus that was AFFECTING (not infecting) Macs ...

I have received 1000's of "junk email" / SPAM that appear as "Undeliverable Messages" or bounced emails. It seems a virus is attacking various email database programs. Each time a new email address is "acquired by the virus" it adds it to a list. So, if one person is infected and that person has 10 people in their email contacts database - I am then emailed the same message from those 10 people - then it grows exponentially until ... finally someone stops it by removing it from their computer.

Here are two interesting obsevations:

Apparently Adaptec Customer Service was infected - Adaptec is the parent/branch company of Roxio - makers of Toast CD Authoring Softwareand SCSI inteface cards for the Mac & PC and most recently the Napster music download service (That is being trounced by iTunes)

I have gotten several messages from Adaptec customer service stating that a return I made in 2000, for a recalled cable; was shipping via Fed Ex.

Yesterday ... I received a message from Adaptec apologizing for the emails. Apologizing? My customer information was compromised!!!

Before I comment here's another interesting note:

I also received a similar message from The Mac Support Store.

This message stated that I could sign up for email lists and find out which email lists I am subscribed to at the Mac Support Store. I have never signed up for anything, bought anything, or asked that The Mac Support Store send me email. In fact, I have requested on 3 separate occasions that I be removed from ALL email correspondence from this company with a shady CEO.

Check out the original story I posted on The Mac Support Store here

The interesting thing about both of these emails is .... they were sent from a "junk email marketing" program called Lyris List Manager. Here is the support chart for Lyris List Manager:


Supported Platforms:

Windows 2000/XP/2003 Server
(Note: Windows 2003 Server Web edition is not supported for Microsoft SQL server, as Microsoft SQL Client Tools cannot be installed on this platform.)

Linux Red Hat, ES, AS, & WS versions 2.1 & 3.0 (Fedora core is not supported)

Solaris for SPARC 8, 9 & 10
(Note: ListManager for Solaris & Oracle uses the Oracle 9i 32 bit client tools. These tools may be downloaded from: http://otn.oracle.com/software/content.html.)


Interesting ... had The Mac Support Store actually supported Macs with their junk email servers or had Adaptec / Roxio actually been using Macs ... it looks like none of this would have happened.

Has anyone ever thought of suing someone for having an insecure database of their personal information? For all I know, the 600+ email messages I am getting a day from this "virus that is infecting PCs" originated from these two companies!

[UPDATE] I have read through a number of the "viral emails" I have received to see if I could find more recognizable domains. I also found this domain: computer-magic.com. Hmmmm .... on this page http://computer-magic.com/services.htm they claim to be network security experts. I have always found this claim in the Windows world to be an oxymoron and in some ways ... false advertising. Would you trust a company with your network security that can't even maintain the security of their own network?

[UPDATE II] Seems the majority of these messages originate from a virus started by V.I.P. Pharmaceuticals which has the completely
;-) ;-) innocent domain name http://hiladefjkc.tigeredit.info ...

And whatta you know ... the tigeredit.info domain was registered on the SAME DAY these emails started ...

From whois domain name owner information:

Domain Name:TIGEREDIT.INFO
Created On:29-Aug-2005 06:48:36 UTC
Last Updated On:05-Sep-2005 18:24:25 UTC
Expiration Date:29-Aug-2006 06:48:36 UTC
Sponsoring Registrar:R159-LRMS
Tech Name:Andrzej Chramiec
Tech Street1:AL.GRUNWALDZKA 1
Tech City:GDANSK WRZESZCZ
Tech State/Province:GDANSK WRZESZCZ
Tech Postal Code:80236
Tech Country:PL
Tech Phone:+48.583402626
Tech Email:tiggertastic40@yahoo.com
Name Server:NS2.WONDERMED.INFO
Name Server:NS1.WONDERMED.INFO
Name Server:NS1.DRGOODHEALTH.INFO
Name Server:NS2.DRGOODHEALTH.INFO


I don't understand ... if I can find this information out so easily (eventhough I know how to research it) ... why can't these people be stopped sooner than they are?

...

No comments: