We have received a report that a message with an infected Zip attachment
was received yesterday. The characteristics of the message:
This is your photo?
+This your photo?
This+ your photo?
This your photo?
This y_our photo?
This your pho+to^?
This yo_ur -photo?
Th_is your photo?
This you-r _photo?
Thi^s your photo?
Thi-s +your photo? <--this is the one confirmed as received
"Is this your photo? I cant belive it made it onto the internet!"
As of last night at 9:04pm our email gateway began detecting these
messages as infected with Cidra-D, but before that the messages were
making their way through.
Currently Symantec and Network Associates are not "aware" of this
trojan, so there is no desktop protection for anyone whose server mailbox
did receive the email before the email gateway detected the trojan.
Please caution your users not to open the attachment of this message, and
again not to open/be wary of attachments from anyone if they weren't
If you have problems or questions regarding Cidra-D please visit:
or contact CIT Helpline at [log in to unmask] or 6-2604.