CIAC announces AOLGOLD Trojan computer virus
Michael McPherson, 18 Nov 1995 11:38 EST

SCCM
Vol. 4, Issue 1
November 17, 1995 Copyright 1995,
All rights reserved.

Editor: Michael McPherson

Social and Charitable Cause Marketing [ SCCM ] is a !! FREE !!
electronic magazine covering the issues of private industry
sponsoring social and charitable causes.

This e-zine will provide a worldwide source of invaluable information
in reference to how private industry, community, education and government
benefit from this win-win scenario.

To Subscribe to SCCM send e-mail to:
xxxxxx@yrkpa.kias.com
write in subject: subscribe sccm

***  Letters to the Editor
***  Press releases
***  Sponsor inquiries
***  Cost for printed version

send e-mail to:  xxxxxx@yrkpa.kias.com

 SPECIAL  EDITION

 CIAC ANNOUNCES AOLGOLD Trojan Alert

There have been many computer virus alerts in the past, most without
any confirmation.  On Nov. 16, 1995, the U.S. Department of Energy's
Computer Incident Advisory Capability with URL: http://ciac.llnl.gov
released a report identifying a computer virus, the AOLGOLD Trojan.

Congratulations to the staff at CIAC and America Online
with URL:  http://www.aol.com   for working together in identifying
the virus and promptly informing the computer community.

An ideal example of accepting the challenge of a social responsibility
and marketing/promoting their services at the same time.

 __________________________________________________________

 The U.S. Department of Energy
 Computer Incident Advisory Capability
 ___  __ __    _     ___
 /       |     /_\   /
 \___  __|__  /   \  \___
 __________________________________________________________

 INFORMATION BULLETIN

 AOLGOLD Trojan Program

November 16, 1995 1300 PST Number G-03
_______________________________________________________________________________

PROBLEM:        A trojan program is being distributed around America
 Online and other networks called AOLGOLD.ZIP.
PLATFORM:       DOS-based PCs
DAMAGE:         When the INSTALL.EXE program is executed, most files on the
 user's C: drive are deleted.
SOLUTION:       See the description below
_______________________________________________________________________________

VULNERABILITY
ASSESSMENT:     Users who download the AOLGOLD.ZIP or INSTALL.EXE trojaned
 programs, unpack, and execute them may destroy files on their
 DOS C: drive.
_______________________________________________________________________________

 Information on the AOLGOLD Trojan Program

AOLGOLD Trojan
==============
 ***  Editor's Note ***

The original AOLGOLD Trojan bulletin has been edited due to the length of the
techie material.  To read the original content, go to URL:
http://ciac.llnl.gov

The AOLGOLD Trojan program was recently discovered on America Online (AOL).
Notice about the Trojan has been circulated to all America Online
subscribers.  Notice about the Trojan and a copy of the Trojan program were
supplied to CIAC by Doug Bigelow, who is on the staff of America Online.

Apparently, an e-mail message is being circulated that contains an attached
archive file named AOLGOLD.ZIP.  A README file that is in the archive
describes it as a new and improved interface for the AOL online service.
Note that there is no such program as AOLGOLD.  Also, simply reading an
e-mail message or even downloading an included file will not do damage to
your machine.  You must execute (or run) the downloaded file to release
the Trojan and have it cause damage.

The following three files contain the Trojan program:

MACROS.DRV
VIDEO.DRV
INSTALL.BAT

The rest of the files included in the archive appear to have been grabbed
at random to simply fill up the archive and make it look official.
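
Added example, not part of the CIAC bulletin or the AOL message: a Python check that lists a ZIP attachment's members without extracting or executing anything and compares them with the file names given above. The function names, verdict labels and sample archives are assumptions constructed for illustration; names alone are weak evidence, so only the full set of three listed files counts as a match.

```python
import io
import zipfile
from pathlib import PureWindowsPath

# File names taken from the bulletin text above.
TROJAN_MEMBERS = {"MACROS.DRV", "VIDEO.DRV", "INSTALL.BAT"}
ATTACHMENT_NAMES = {"AOLGOLD.ZIP", "INSTALL.EXE"}


def triage_archive(data: bytes, attachment_name: str = "") -> dict:
    """List a ZIP's members without extracting or running anything and
    compare the names (case-insensitively, DOS style) with the bulletin."""
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        # Keep only the final path component; DOS names are case-insensitive.
        members = {PureWindowsPath(i.filename).name.upper()
                   for i in zf.infolist() if not i.is_dir()}
    trojan_hits = sorted(members & TROJAN_MEMBERS)
    name_hits = sorted((members | {attachment_name.upper()}) & ATTACHMENT_NAMES)
    if len(trojan_hits) == len(TROJAN_MEMBERS):
        verdict = "match"        # all three listed files are present
    elif trojan_hits or name_hits:
        verdict = "suspicious"   # partial overlap: hold for manual review
    else:
        verdict = "no-match"
    return {"verdict": verdict, "trojan_hits": trojan_hits, "name_hits": name_hits}


def build_sample(names) -> bytes:
    """Constructed sample: an in-memory ZIP whose members hold harmless text."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name in names:
            zf.writestr(name, "placeholder")
    return buf.getvalue()


if __name__ == "__main__":
    full = build_sample(["README.TXT", "macros.drv", "Video.Drv", "AOL/install.bat"])
    print(triage_archive(full, "aolgold.zip"))
    print(triage_archive(build_sample(["VIDEO.DRV", "GAME.EXE"])))
    print(triage_archive(build_sample(["NOTES.TXT"])))
```
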

The Operations staff at America Online has released the following
bulletin to their users:

--BEGIN MESSAGE--

Dear Member:

As you know, we strive to keep you informed on various issues regarding
online safety.

We want to take this opportunity to remind you about potential computer
viruses and Trojan horses and how to protect your computer.  First, a virus
is a program that is designed to spread and usually attaches itself to a
program with the goal of spreading to other computers.  A Trojan horse is a
program that is intended to corrupt your computer but has to be activated
before it can be executed.  For example, a Trojan horse can be distributed as
an attached file to an email but the file has to be downloaded and executed
before harm is done.

If you receive email from unknown senders with an attached file, it is a good
rule of thumb not to download the files.  In addition, if you ever receive a
file in email you believe could cause problems, please forward it immediately
to TOSEMAIL1, and explain your concerns to our Terms of Service staff.

We have received recent inquiries regarding a Trojan horse that is sent as an
attached file in an email message entitled "AOLGOLD" and "Install.exe". It is
important to understand that no virus or Trojan horse can be passed along by
simply reading email.  However, we strongly urge that if you receive email
with an attached file with this name not to download it.

Due to the private nature of electronic mail, we cannot scan files in email
for viruses as we do with files in public areas of the service.

We have never had an occurrence of a virus or Trojan horse being spread
through simply reading email.  In order for one to spread to your computer,
you would have to proactively select the attached file and download it to
your hard drive.  It is therefore advisable never to download attached files
from an unknown sender.

AOL incorporates virus protection throughout the service and scans all posted
software, text, and sound files in public areas. We also offer our members
the Virus Information Center on AOL where you'll find information about the
latest virus or Trojan horse, along with updates to all the popular
commercial, shareware, and freeware anti-virus tools.  Keyword: VIRUS.

Thank you for taking an active role in maintaining a safe online environment.

Sincerely,
AOL Operations Staff

--END MESSAGE--

_______________________________________________________________________________

CIAC wishes to thank the staff of America Online, especially Mr. Don Bigelow
for their assistance in providing the information necessary to prepare this
bulletin.
_______________________________________________________________________________

CIAC, the Computer Incident Advisory Capability, is the computer security
incident response team for the U.S. Department of Energy. CIAC is located at
the Lawrence Livermore National Laboratory in Livermore, California. CIAC is
also a founding member of FIRST, the Forum of Incident Response and Security
Teams, a global organization established to foster cooperation and
coordination among computer security teams worldwide.

This document was prepared as an account of work sponsored by an agency of the
United States Government. Neither the United States Government nor the
University of California nor any of their employees, makes any warranty,
express or implied, or assumes any legal liability or responsibility for the
accuracy, completeness, or usefulness of any information, apparatus, product,
or process disclosed, or represents that its use would not infringe privately
owned rights. Reference herein to any specific commercial products, process,
or service by trade name, trademark, manufacturer, or otherwise, does not
necessarily constitute or imply its endorsement, recommendation or favoring by
the United States Government or the University of California. The views and
opinions of authors expressed herein do not necessarily state or reflect those
of the United States Government or the University of California, and shall not
be used for advertising or product endorsement purposes.

zzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz

This edition of SCCM is underwritten by:

 ----- SponsorED -------

The only magazine/newsletter exclusively covering
the world of corporate sponsorship in Education.

zzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz