Ron Schenone

‘Here You Have’ Virus Spreading Like Wildfire

Posted by on Sep 10, 2010 | 9 Comments

McAfee labs is reporting what is being called the ‘here you have’ or ‘just for you’ virus that  tricks users into believing that there is a .pdf file or sex movie waiting for them. Once the payload is activated, the virus may try to send itself to everyone in your address book. The message being sent to individuals appears like so:

Subject: Here you have or Just For you
Body:

Hello:

This is The Document I told you about,you can find it Here.
http://www.sharedocuments.com/library/PDF_Document21.025542010.pdf

Please check it and reply as soon as possible.

Cheers,

or

Hello:

This is The Free Dowload Sex Movies,you can find it Here.
http://www.sharemovies.com/library/SEX21.025542010.wmv

Enjoy Your Time.

Cheers,

Your best defense is not to open any attachments of links from persons you do not know. Next, you will want to keep your anti-virus program updated with the latest virus definitions.

Notice the misspelling of the word Download.

Be safe.

Comments welcome.

Source – McAfee

  • Dick

    How many times does this have to happen before folks wake up? Probably never. I fix neighbor and family computers and they all have one thing in common. Idiots clicking on EVERYTHING. So many junk programs their machines come to a halt.
    Here’s my latest tactic. I don’t fix computers! I want all these folks to be OFF the Internet. I want all their machines to grind to a halt. If they want on bad enough, they will pay somebody to clean the crap off their machines – every 6 months. If they don’t want to pay, buy a new computer – every 6 months.
    This way the economy gets a boost and we get virus vectors off the Internet. My honest advice is DON’T fix their machines. I gave away all my spare hardware to a kid that loves fixing up machines. Now I tell everyone, I don’t have that stuff anymore, or I don’t know anything about Windows 7. Any excuse to not fix them. I’m out of the free guru business.

    • http://wp3.lockergnome.com/nexus/blade/ Ron Schenone

      Hi Dick,
      I could not agree more. Windows 7 ???? What’s that ???? :-)

  • Claudia Vandermilt

    Another threat. Here’s why it’s important to have an intensive security measure in place.

    This one is nasty, deleting data rather than just being a nuisance.

    It can also transfer through mapped drives and instant messenger. Not just through email. Be careful.

    We’ve had several of our IT security team take IS Security training through VU online.

  • http://www.stewedprunes.com Chris Avis

    I take the opposite approach. I believe education is the key. While it annoys me that people have not figured out yet how to easily identify malware in email, I don’t think the iindustry targets the everyday user well enough with education that raises awareness about these issues. We need people that are willing to speak to people they know and reach out to communities to help alleviate these problems.

    Every person that I help with an issue like this is one more person that knows what to do (and what not to do!) and can pass that information on.

  • Buffet

    Only an ultra-maroon would open an attachment from a specious source in the first place! In this day and age it’s really hard to be sympathetic.

    • http://wp3.lockergnome.com/nexus/blade/ Ron Schenone

      Unfortunately this is true.

  • Dick

    I agree with the “educate them” policy in theory, but I’ve been educating them since 1982 and I’ve seen no difference. My nephew is close to my age and I’ve fixed his computers for many years and it’s always the same thing. Tons and tons of junk. Clicking on everything that appears to be a free goody. How do you stop that? Everyone I preach to and have for years still does no backup, loads junk, never updates AV software, never updates OS, or other critical software like Firefox. I’ve never seen a behavioral change yet. From the first Leading Edge PC to the multi-core monster I have now. They still do the very same things. I think it’s now worse by far with easy access to the world. Remember, these folks are the ones whose machines are polluting the Internet in volumes we cannot even understand. Wish it were not true, really, really wish it were not. Somebody give me some positive news about idiots on the Internet! Maybe some virus queen in your neighborhood croaked or something. Anything.

    • http://wp3.lockergnome.com/nexus/blade/ Ron Schenone

      Hi Dick,
      I remember Leading Edge. Those were the days. 4MB of RAM for $200. Hard disks costing $1 per 1MB.
      Did you notice I didn’t say the ‘good old days’. :-)

      Back on topic.

      ‘Remember, these folks are the ones whose machines are polluting the Internet in volumes we cannot even understand. ‘

      That one sentence says it all.

  • http://www.maas360.com pragatichaplotjain

    From my friends and colleagus, I understand that the Here You Have Virus does not get activated unless you click on the link to run the executable. Misspelling of the word ‘Download’ is a good clue to look for in the email body. Will keep in mind. Lucky me, who has not yet run into this virus. ;-)

    BTW, here is a nice blog that complements your article. It lists some basic steps that we can take to protect ourselves and our organization from this threat and future threats.