We have been informed of a number of hacked machines on campus.
These machines have been compromised with a keylogger. Below is the
message we will be sending out to the registered owners of those
machines.
----- Forwarded message from MSU Abuse Response <[log in to unmask]> -----
From: MSU Abuse Response <[log in to unmask]>
Subject: [MSU Network Abuse] Your machine infected with KEYSTROKE LOGGER
To: realname
URGENT:
This machine has been infected with a "keystroke logger" which is
capable of stealing all passwords or credit card numbers typed in
through it. This machine was found to be part of a network of
compromised machines, so the risk to your personal information
is VERY HIGH.
-----
We have received one or more reports indicating that a computer under
your control or associated with your user id is infected with a virus.
The computer was located in <location> on 03/ /2004
and is registered via DHCP as follows:
(replace with DHCP registration info)
This virus is causing your computer to behave in a disruptive manner,
either by sending virus-laden e-mail messages, by sending network
probes, or both. Depending on the virus, it may also allow remote
access to your computer system, or it may delete files or damage the
operating system on your computer.
In order to stop these actions, you need to update your virus software
and make sure that it eliminates this virus from your system. If you
need help with this task, you should contact the Computing Service
Centers, at 432-6200 or "[log in to unmask]". You may also want to consult
the following web sites for more details:
http://help.msu.edu/virus/
You must also ensure that your computer's operating system
has all the current patches. For Windows computers, Microsoft
is releasing critical security patches almost every month;
you need to run Windows Update regularly to install them.
If we receive further complaints concerning your computer, your network
access may be disabled for the protection of your computer and others.
Please respond to "[log in to unmask]" when the problem has been corrected.
