- Joined
- Apr 16, 2002
- Messages
- 104
Hello All,
I just wanted to give you a quick update regarding a virus warning (jdbgmgr.exe)which is currently running rampant in the knife community. We have received a warning from several of our customers and other industry colleagues explaining that we had been infected.
This letter warns of a computer virus which lies dormant for two weeks and then becomes active. It is noted that the virus is then automatically sent to everyone in the recipients mailing list. A quick check on all of our computer systems proved that every one of our computers had allegedly been infected.
Before sending the warning message out to the numerous friends, customers, and colleagues on our mailing lists, I decided to perform a search of this particular virus on the Internet.
Findings concluded that this virus is indeed, just a hoax! No action needs to be taken if the suggested file is found on your computer.
The following is a reprint of an article which will shed a little more light on the subject.
Thanks,
Jennifer Busse
Virus Hoax Making The Rounds - 'JDBGMGR.EXE'
By Michael Bartlett, Newsbytes
SAN JOSE, CALIFORNIA, U.S.A.,
07 May 2002, 5:29 PM CST
A virus warning is making the rounds urging people to search for a purported virus on their hard drives - a file named JDBGMGR.EXE. Chances are, they will find it, because the "warning" is a hoax.
According to several anti-virus companies, the hoax first appeared in April, but two new variants of the message have been spotted in the last three days.
The bogus warning takes several forms, but in general it tells people they have received a dangerous, undetectable virus via e-mail that must be found and deleted from their "C" drives. Some variants claim the "virus" hibernates for 14 days before awakening and causing damage to their computers.
Anti-virus companies have identified French, Spanish, Italian and German versions of the English warnings.
In reality, JDBGMGR.EXE is a standard Windows component. According to anti-virus company F-Secure, it is uses as a Java debugger manager in a Microsoft Java runtime engine.
"We checked several versions of this utility from Windows installations and found nothing malicious in them," F-Secure wrote in its warning about the hoax.
The JDBGMGR.EXE hoax followed a similar path as last year's widely spread hoax, "SULFNBK.EXE."
Warnings about SULFNBK.EXE began circulating via e-mail in mid-May 2001, first in Portuguese, then in English. As the end of May neared, someone apparently decided the hoax was not garnering enough attention, and altered the message to play up the destructive capability of the "virus," and added a date of doom.
On June 1, 2001, people were warned, the virus would wipe out all files and folders on the computer's hard drive if not found and deleted.
The warnings for JDBGMGR.EXE started with a simple suggestion that people find and delete the file. Later variants added details that made the virus seem more threatening, and warned that it could not be detected by McAfee or Norton anti-virus programs.
Dee Liebenstein, product manager for Symantec Security Response, told Newsbytes these hoaxes are powerful because they sound frightening.
"People still respond, because the writers are trying to strike fear in the hearts of man - that is their goal in life," she said. "Like Trojan horse writers that get people to click on an attachment by getting on their good side and being friendly, these hoaxes are an example of social engineering. But these appeal to you to take action by scaring you."
Liebenstein said the file that people are deleting is not required by the operating system to run. She said some Java applets might not work properly, in which case the user should reinstall the file.
Some regular computer users are moving so quickly, they do not stop to evaluate whether or not they should click on an attachment or delete a file before acting, Liebenstein said.
"If you receive an e-mail that asks you to delete files, check with the person who sent it to you first. If they got the e-mail and are passing it on, that's your first clue."
"Next, you should go to an anti-virus vendor's Web site," she continued. "For example, Symantec has a list of popular hoaxes. If it is a real virus, the information will be on the Web site, also."
F-Secure is at http://www.datafellows.com/index.shtml .
F-Secure's page for the hoax is at http://www.datafellows.com/hoaxes/jdbgmgr.shtml .
Symantec is at http://www.symantec.com .
Symantec's page for the hoax is at http://securityresponse.symantec.com/avcenter/venc/data/ jdbgmgr.exe.file.hoax.html .
Reported by Newsbytes.com, http://www.newsbytes.com .
I just wanted to give you a quick update regarding a virus warning (jdbgmgr.exe)which is currently running rampant in the knife community. We have received a warning from several of our customers and other industry colleagues explaining that we had been infected.
This letter warns of a computer virus which lies dormant for two weeks and then becomes active. It is noted that the virus is then automatically sent to everyone in the recipients mailing list. A quick check on all of our computer systems proved that every one of our computers had allegedly been infected.
Before sending the warning message out to the numerous friends, customers, and colleagues on our mailing lists, I decided to perform a search of this particular virus on the Internet.
Findings concluded that this virus is indeed, just a hoax! No action needs to be taken if the suggested file is found on your computer.
The following is a reprint of an article which will shed a little more light on the subject.
Thanks,
Jennifer Busse
Virus Hoax Making The Rounds - 'JDBGMGR.EXE'
By Michael Bartlett, Newsbytes
SAN JOSE, CALIFORNIA, U.S.A.,
07 May 2002, 5:29 PM CST
A virus warning is making the rounds urging people to search for a purported virus on their hard drives - a file named JDBGMGR.EXE. Chances are, they will find it, because the "warning" is a hoax.
According to several anti-virus companies, the hoax first appeared in April, but two new variants of the message have been spotted in the last three days.
The bogus warning takes several forms, but in general it tells people they have received a dangerous, undetectable virus via e-mail that must be found and deleted from their "C" drives. Some variants claim the "virus" hibernates for 14 days before awakening and causing damage to their computers.
Anti-virus companies have identified French, Spanish, Italian and German versions of the English warnings.
In reality, JDBGMGR.EXE is a standard Windows component. According to anti-virus company F-Secure, it is uses as a Java debugger manager in a Microsoft Java runtime engine.
"We checked several versions of this utility from Windows installations and found nothing malicious in them," F-Secure wrote in its warning about the hoax.
The JDBGMGR.EXE hoax followed a similar path as last year's widely spread hoax, "SULFNBK.EXE."
Warnings about SULFNBK.EXE began circulating via e-mail in mid-May 2001, first in Portuguese, then in English. As the end of May neared, someone apparently decided the hoax was not garnering enough attention, and altered the message to play up the destructive capability of the "virus," and added a date of doom.
On June 1, 2001, people were warned, the virus would wipe out all files and folders on the computer's hard drive if not found and deleted.
The warnings for JDBGMGR.EXE started with a simple suggestion that people find and delete the file. Later variants added details that made the virus seem more threatening, and warned that it could not be detected by McAfee or Norton anti-virus programs.
Dee Liebenstein, product manager for Symantec Security Response, told Newsbytes these hoaxes are powerful because they sound frightening.
"People still respond, because the writers are trying to strike fear in the hearts of man - that is their goal in life," she said. "Like Trojan horse writers that get people to click on an attachment by getting on their good side and being friendly, these hoaxes are an example of social engineering. But these appeal to you to take action by scaring you."
Liebenstein said the file that people are deleting is not required by the operating system to run. She said some Java applets might not work properly, in which case the user should reinstall the file.
Some regular computer users are moving so quickly, they do not stop to evaluate whether or not they should click on an attachment or delete a file before acting, Liebenstein said.
"If you receive an e-mail that asks you to delete files, check with the person who sent it to you first. If they got the e-mail and are passing it on, that's your first clue."
"Next, you should go to an anti-virus vendor's Web site," she continued. "For example, Symantec has a list of popular hoaxes. If it is a real virus, the information will be on the Web site, also."
F-Secure is at http://www.datafellows.com/index.shtml .
F-Secure's page for the hoax is at http://www.datafellows.com/hoaxes/jdbgmgr.shtml .
Symantec is at http://www.symantec.com .
Symantec's page for the hoax is at http://securityresponse.symantec.com/avcenter/venc/data/ jdbgmgr.exe.file.hoax.html .
Reported by Newsbytes.com, http://www.newsbytes.com .
