ATTENTION Lyra users

[Staff 9972]

Hello!

We have received complaints about our server Lyra trying to exploit a Windows old critical vulnerability MS08-067 http://technet.microsoft.com/en-us/security/bulletin/ms08-067

This means either that some malicious client is launching attacks from Lyra or, more probably, that one or more computers' clients connected to Lyra are infected with a worm: http://blog.threatexpert.com/2008/10/gimmiva-exploits-zero-day-vulnerability.html

We remind you that our ToS forbids to spread malware through our servers as well as launching attacks against any system. We don't think that such attacks are deliberate: no serious attacker would try to exploit a critical vulnerability fixed 4 years ago.

We strongly recommend our customers who use Windows and were connected to Lyra in the last 2 days to check for virus, worms and malware on their systems and keep their Windows OS up to date.

The aforementioned worm and trojan family is very dangerous, it can act as a keylogger on the infected system and will try to steal sensitive information, therefore destroying (for the user who use the compromised computer, not for the victim of the attack who hopefully has updated his/her system since 2008) the anonymity layer we provide: http://www.threatexpert.com/report.aspx?md5=06fbcf231d6db6e97d4dba5251252658

Kind regards