This is a Macintosh. The W32 BadTrans virus/worm is not supposed to be able to infect me, right?
So I get an email with the subject “Re:”, open it (in Eudora, not Outlook, btw), it has NO CONTENT, and when I click the button to show all details and headers learn that it has automatically downloaded a file called “Me_nude.MP3.scr”, which rings a bell.
Yep, a quick trip to the Norton website tells me the file is the BadTrans. No mention of it doing evil things on a Mac.
I go to the file itself. BBEdit doesn’t want to open it, which is very unusual. I do a Get Info, wondering if it is incredibly huge. I learn that it is only 32K but, more shocking, it has a Mac file type and creator! “WAVE” and “SNdm” respectively. Of course, browser prefs and Internet Control Panel settings and File Exchange Control Panel settings will routinely assign Mac type and creator codes to common PC files with known extensions, but I check and find that, if anything, “.scr” files should be assigned to GraphicConverter (GKON) and type “RIX3”, whatever the heck that might be…
I fire up Sherlock and search for all files of Creator Code “SNdm” and it comes back with one hit: Me_nude.MP3.scr. OK…I fire up the old Type & Creator codes database and learn that SNdm is owned by SoundMachine 2.5.1, which I don’t own. Well, that fits with “.scr” becoming a “WAVE” file type, I guess…
But why didn’t the attachment appear inline, waiting for me to choose to download it if I wanted to, instead of, somehow, placing itself at the root of my current startup volume?
::cue Twilight Zone music::
Anyone hear anything about a version of this ugly compiled to execute on a Mac?