URGENT! gamespy download infected with Nimda

From: lsi (stuart@cyberdelix.net)
Date: 06/26/02

From: "lsi" <stuart@cyberdelix.net>
To: feedback@gamespy.com, webmaster@gamespyarcade.com
Date: Wed, 26 Jun 2002 11:03:24 +0100


I bring to your most urgent attention that the copy of
Gamespy Arcade 1.09 available on download.com at the address


is infected with the W32/Nimda.gen@MM virus, as detected by
NAI/McAfee Viruscan.

The full URL of the infected file is:


According to download.com, as of my writing, this file has
been downloaded 112806 times from download.com since April
29, 2002.

The virus infected my computer after I downloaded and
executed the program via http://www.download.com/ at around
21:45PM, and I'm justing finishing the cleanup now - it's
3:15AM and counting, thankyou very much.

I do understand that the file is actually served from
gamespy.com, but it was only by carefully inspecting the URLs
served by download.com that this becomes evident. A less
savvy user wouldn't make the distinction.

I suggest that every night, a download.com robot downloads
each file download.com serves, and scans it.

Meanwhile, I suggest the guilty party at gamespy be shot.


Stuart Udall
stuart@cyberdelix.net - http://www.cyberdelix.net/
..revolution through evolution

want to make some cash? check out http://cyberdelix.net/affiliates.htm

---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com