Alan_J_Roberts@cup.portal.COM (12/13/89)
This is an urgent forward from John McAfee:
A distribution diskette from a corporation calling itself PC
Cyborg has been widely distributed to major corporations and PC user
groups around the world and the diskette contains a highly destructive
trojan. The Chase Manhattan Bank and ICL Computers were the first to
report problems with the software. All systems that ran the enclosed
programs had all data on the hard disks destroyed. Hundreds of
systems were affected. Other reports have come in from user groups,
small businesses and individuals with similar problems. The
professionally prepared documentation that comes with the diskette
purports that the software provides a data base of AIDS information.
The flyer heading reads - "AIDS Information - An Introductory
Diskette". The license agreement on the back of the same flyer reads:
"In case of breach of license, PC Cyborg Corporation reserves the
right to use program mechanisms to ensure termination of the use of
these programs. These program mechanisms will adversely affect other
program applications on microcomputers. You are hereby advised of the
most serious consequences of your failure to abide by the terms of
this license agreement."
Further in the license is the sentence: "Warning: Do not use these
programs unless you are prepared to pay for them".
If the software is installed using the included INSTALL program, the
first thing that the program does is print out an invoice for the
software. Then, whenever the system is re-booted, or powered down and
then re-booted from the hard disk, the system self destructs.
Whoever has perpetrated this monstrosity has gone to a great deal of
time, and more expense, and they have clearly perpetrated the largest
single targeting of destructive code yet reported. The mailings are
professionally done, and the style of the mailing labels indicate the
lists were purchased from professional mailing organizations. The
estimated costs for printing, diskette, label and mailing is over
$3.00 per package. The volume of reports imply that many thousands
may have been mailed. In addition, the British magazine "PC Business
World" has included a copy of the diskette with its most recent
publication - another expensive avenue of distribution. The only
indication of who the perpetrator(s) may be is the address on the
invoice to which they ask that $378.00 be mailed:
PC Cyborg Corporation
P.O. Box 871744
Panama 7, Panama
Needless to say, a check for a registered PC Cyborg Corporation in
Panama turned up negative.
An additional note of interest in the license section reads:
"PC Cyborg Corporation does not authorize you to distribute or use
these programs in the United States of America. If you have any doubt
about your willingness or ability to meet the terms of this license
agreement or if you are not prepared to pay all amounts due to PC
Cyborg Corporation, then do not use these programs".
John McAfeeSLORES@umiami.miami.edu (Stanislaw L. Olejniczak) (12/14/89)
In article <KPETERSEN.12549683117.BABYL@WSMR-SIMTEL20.ARMY.MIL>, Alan_J_Roberts@cup.portal.COM writes: > This is an urgent forward from John McAfee: > > A distribution diskette from a corporation calling itself PC > Cyborg has been widely distributed to major corporations and PC user > groups around the world and the diskette contains a highly destructive > trojan. >... > "In case of breach of license, PC Cyborg Corporation reserves the > right to use program mechanisms to ensure termination of the use of > these programs. >... > Whoever has perpetrated this monstrosity has gone to a great deal of > time, and more expense, >... > $3.00 per package. The volume of reports imply that many thousands > may have been mailed. >... >they ask that $378.00 be mailed: > > PC Cyborg Corporation > P.O. Box 871744 > Panama 7, Panama > > Needless to say, a check for a registered PC Cyborg Corporation in > Panama turned up negative. Well, I may be an idiot to write this, but from what I read here I would say that some screwball programmer decided to insure that whoever used the software in fact did pay for it; true, I would say it is sort of an extortion, but I somehow do not think _anyone_ would go that expense just to damage other people's software. A PD program would do almost as much damage, and with far less expense. I was just wondering - _does_ the program contain the valuable database it claims to have? ---- Stan Olejniczak Internet: slores@umiami.miami.edu University of Miami, FL USA UUCP: (temp void) gould!umbio!solejni SLORES@UMIAMI.BITNET UUCP: (?) umigw!gables!slores Voice: (305) 547-6571 FAX: (305) 548-4612 My opinions cannot possibly represent the views of anyone else!