TIP: Click on subject to list as thread! ANSI
echo: virus_info
to: MIKE HUDSON
from: RICK COLLINS
date: 1997-02-28 23:09:00
subject: Internet Dialing Trojan
-=> Quoting Mike Hudson to David Kirschbaum <=-
-=> FidoMail to 1:163/215, please.-=<
mh> Sounds like the GOOD TIMES virus got a face lift! How the heck
mh> would your machine dial out without you knowing it was doing so?
mh> You won't disconnect from your ISP without some kind of message
mh> (either a disconnect, or an error - most likely an error
mh> message). Even if this so-called virus had some way of turning
mh> off your speaker sound, by loading a different initialization
mh> string, persons with external modems who were used to the way
mh> the lights operated 
Well, it's not a virus, but a piece of malware.  Essentially, to view
the "pictures" offered you had to download and run a piece of
software (called DAVID.EXE).  That software effectively used your
modem to dial a number in Moldavia (I believe.  I don't know if the
instructions required you to quit your browser or whatever - but, the
software did mute the speaker and dial the new number).  Once
connected to Moldavia, the system there connected you to a system in
Scarborough, Ontario - and that system connected you to the Internet.
The "scam" involved some arrangement whereby the perpetrators
received benefit from the LD charges to Moldavia through a contact
there (your local telco pays the remote telco for use of their
system, and this cost is billed to you.  The perps got a portion of
that money paid to the foreign telco.  No, I don't know how that
worked). :-)
You were then connected to the particular web site - through a long-
distance call to Moldavia.  Any web brousing you continued to do
would be through that Moldavia connection and the ISP in Scarborough
- you would not necessarily know that you were not connected to your
regular ISP with a local call.
Obviously, this only works while your computer is turned ON:  but it
_is_ possible for the modem to maintain a connection even with your
computer turned OFF once the connection has been established.  It all
depends on how the modem treats various signals on the DTE interface. 
I'm referring to an external modem, obviously.
Not a virus, but not "impossible", either.
TTFN. Rick.
Ottawa, ON 28 Feb 23:22 
--- Blue Wave/DOS v2.20
---------------
* Origin: BitByters BBS, Rockland ON, Can. (613)446-7773 v34, (1:163/215)
SOURCE: echomail via exec-pc

Email questions or comments to sysop@ipingthereforeiam.com
All parts of this website painstakingly hand-crafted in the U.S.A.!
IPTIA BBS/MUD/Terminal/Game Server List, © 2025 IPTIA Consulting™.