MOO-cows Mailing List Archive



This is a very old fake.  There are several reasons why and I'll point 
them out in the message.  A few weeks ago the guy in charge of virus 
detection at work posted about this and other fakes.

On Sat, 7 Dec 1996, Matt Dominianni wrote:

> In case you haven't heard about this yet...
> >>
> >>
> >>> **********VIRUS ALERT**********
> >>>
> >>>There is a computer virus that is being sent across the Internet.
> >>>
> >>>If you  receive an E-Mail message with the subject line "Deeyenda", DO
> >>>NOT read
> >>>the message, DELETE it immediately!
> >>>

For a virus to infect your computer you need to execute the program it is 
attached to.  Reading the file is not executing it.  Most mail readers do 
not do any execution when they read a file.  It's the difference between 
a @list verb and a exec verb.


The FCC DOES NOT issue virus warnings.  I'm not sure who does, I think 
it's CERT, but the FCC does not.

> >>>Instead of a
> >>>destructive Trojan virus (like most viruses!), this virus referred to as
> >>>Deeyenda Maddick, performs a comprehensive search on your computer,
> >>>looking for
> >>>valuable information, such as E-Mail and login passwords, credit cards,
> >>>personal
> >>>inf., etc.

This virus would have to have a really good AI built into it, for it to 
be able to do this.  An AI of this caliber would have to be very slow 
acting (increasing the chance of detection) or very fast acting, which 
would most likely crash a machine.

> >>>
> >>>The Deeyenda virus also has the capability to stay memory resident while
> >>>running
> >>>a host of applications and operation systems, such as Windows 3.11 and
> >>>Windows
> >>>95.
> >>>  What this means to Internet users is that when a login and password
> >>>are send
> >>>to
> >>>the server, this virus can copy this information and SEND IT OUT TO UN
> >>>ADDRESS (varies).

For this to happen and be OS independent (as stated below) the virus 
would have to have to have some SMTP stuff built into it.  And be able to 
interface with the networking components of the operating system.  And 
these components are so different betweek OSes its not funny.

> >>>
> >>>The reason for this warning is because the Deeyenda virus is
> >>>virtually undetectable.  Once attacked your computer will be unsecured.
> >>>
> >>>Although
> >>>it can attack any O/S this virus is most likely to attack those users
> >>>viewing
> >>>Java enhanced Web Pages (Netscape 2.0+ and Microsoft Internet Explorer
> >>>3.0+
> >>>which
> >>>are running under Windows 95).  Researchers at Princeton University have
> >>>found
> >>>this virus on a number of World Wide Web pages and fear its spread.
> >>>

A virus has to be taloried for a specific operating system.  A virus that 
attacks a DOS machine can't attack a UNIX of VMS machine.  Even if it was 
written in machine language.  A Sun Sparc station does not talk x86.

The virus could be written in JAVA, but many operating systems don't 
support JAVA directly yet.  And because of this the program could not 
stay memory resident.  While on some computers it may be able to stay 
memory resident, this warning says it will attack any O/S.

For these reasons this warning is a hoax and one that has been going 
around for at least 6 months.

I think this hoax was initially called the Good Times virus.

Follow-Ups: References:

Home | Subject Index | Thread Index