[Users] Hi, need advice on possible linux virus in an email

[zentara]

On Sat, 6 Mar 2021 13:12:07 +0100
Ralf Mardorf via Users <users at lists.claws-mail.org> wrote:


>It can't be the GPU issue I mentioned and a virus is quasi out of scope.
>What in the attachment should include a virus? The "href" parts?

Those base64 encoded strings in the google headers
could be hiding something. Who knows if they
wern't replaced downstream from the gmail server.

If there was a payload, it could have self-deleted.

I'm embarrased to say it, but I did notice a possible strange
payload, but I shrugged it off as filesystem error.
That is that a very small buddha.jpg image was written to
the /Mail/Trash folder.
I cannot prove any connection other than it was odd
to see a buddha.jpg in my Trash directory, which only contains
numbered mail files.

Thanks,
Joe




>On Sat, 6 Mar 2021 06:41:14 -0500, zentara wrote:
>>On Fri, 05 Mar 2021 21:34:39 -0800
>>lists <lists at lazygranch.com> wrote:
>>First the kernel issue and INTEL processor
>>backdoors. 
>>I use an AMD processor  
>
>OK, your GPU isn't affected. Note, I don't mentioned an Intel backdoor,
>but just a driver that doesn't work anymore.
>
>>>I'm not touching what you attached. ;-) 
>>>
>>>Send it to virustotal.com.  
>
>There's most likely no need to do so. For what ever reason I'm unable to
>import the mail, before trying to import it, I've taken a look at the
>attachment. I couldn't see any possible malicious content in the human
>readable attachment, let alone that Paul was able to import it and
>nothing odd happened.
>
>It can't be the GPU issue I mentioned and a virus is quasi out of scope.
>What in the attachment should include a virus? The "href" parts?
>
>_______________________________________________
>Users mailing list
>Users at lists.claws-mail.org
>https://lists.claws-mail.org/cgi-bin/mailman/listinfo/users