Print

Print


CIT has received the following advisory from Dr. Solomon's, and are
reposting it here for clarification, as we have had several inquiries
regarding the AOL4FREE hoax.

--------------------------
Advisory From Dr Solomon's
--------------------------


THE AOL4FREE HOAX AND THE AOL4FREE.COM TROJAN HORSE
---------------------------------------------------
Recently there has been a lot of confusion regarding "AOL4FREE". The
confusion has been generated by two separate events:

1.The distribution of an AOL4FREE hoax message, which was spread via
email and usenet newsgroups. Other hoaxes include Good Times, Irina,
and PenPal Greetings.

2.The distribution of a genuine AOL4FREE.COM trojan horse program which
was spread a few weeks later.


THE HOAX MESSAGE
----------------
The original hoax message which was sent via email claimed there was
an email being distributed with the subject line "aol4free.com". The
hoax went on to claim that "within seconds of opening [the email] a
window appeared and began to display my files that were being
deleted".

Like other hoaxes it is important to point out that a user cannot be
infected or damaged simply by the subject line of an email. An
executable attachment to an email will not 'run' automatically. Like
other hoaxes this message should not be taken at face value.  An
article all about virus hoaxes can be read at our website:
http://www.drsolomon.com/vircen/hoax.html

THE AOL4FREE.COM TROJAN HORSE
-----------------------------
The AOL4FREE.COM trojan horse displays a message listing the
directories on your hard drive it is deleting and may be followed by
an obscene message.

A Trojan Horse is a program that deliberately does unpleasant things,
as well as (or instead of) its declared function. They are not capable
of spreading themselves and rely on users copying them. Because trojan
horses do not replicate they are not viruses and are not frequently
encountered.

It seems highly likely that this trojan horse was written as a
response to the original hoax warning in an attempt to confuse
computer users.

Please note: it does not attack users via use of the subject line of
the email. The only way users can be damaged by this trojan is (like
any other trojan) if they decide to run it.

We do not believe this trojan horse is particularly common.

We have an extra driver available to add detection of this trojan
horse to Dr Solomon's Anti-Virus Toolkit. 
********************************************************************
UVM Note: Download the current update to the Anti-Virus Toolkit from 
http://cit.uvm.edu/antivirus/extra.html. This update includes the extra
driver to detect the AOL4FREE.COM Trojoan horse program as well as
additional drivers to detect the latest Word Macro viruses. This update
applies to DOS/Windows systems only.

Please direct any questions to [log in to unmask]
*******************************************************************