By Harry Fuecks

Worms harassing PHP Developers?

From: Ulf Wendel

To: Harry Fuecks

Subject: something for you

do you know the thief?


…an impression of one of those NetSky worm mails (Ulf didn’t really send it).

Now Ulf is a pretty well known PHP developer who’s contributed to a number of Open Source projects and, no doubt, has put his email address in the source code. So have I.

This isn’t the first virus message I’ve had, claiming to come from a known PHP developer – the first, that surprised me, was one from Adam Trachtenberg (PHP Cookbook) and I’ve lost count since.

Picking a random virus description for MyDOOM, for example:

The mail addresses will be first collected from the victim

  • At least they were not smart enough to scan for .phps. .php files in the IE cache should just be the output of the php page, not the source itself (which is where I thought you might be thinking the email addresses would be located).

  • Adam Trachtenberg

    Glad to see I apparently send as many viruses to PHP developers as I receive from them. :) My e-mail address is all over the Internet, so I get spammed and spoofed thousands of times a day. I finally just redirected anything caught by SpamAssassin to /dev/null.

  • Toby

    It’s not said that they must have it from source. As an os developer we post day by day on mailing lists & web forums, there’s pretty much space where an email address may be noted.

  • As if it reads minds (or Sterling’s having fun), one just in;


    From: Sterling Hughes

    Subject: its me

    i have received this.


  • We just plugged in clamav into qmail-scanner on our system and it’s worked like a charm. Not a single virus has gotten through today vs the usual 30-50+

  • As an aside, I finally caved into Matt’s protestations and installed a virus scanner on our email server. In the last 24 hours it’s deleted > 600 infected emails.

  • ahh.. Yep, what he said ;-)

