Start proceting those computers

  • whatlikesit12345
  • Guru
  • Guru
  • User avatar
  • Posts: 1211

Post 3+ Months Ago

The latest virsus(es)

CNN) -- Hackers unleashed an agile worm Monday -- using a sneaky, fairly new tactic to get unsuspecting computer users to diffuse their malicious code.

Dubbed "W32/MyDoom" or "Novarg," the worm circulated so fast anti-virus firms quickly raised its threat warnings to "high" saying the bug was one of the worst in recent months.

The worm is contained in e-mails with random senders' addresses and subject lines. While the body of the e-mail varies, it usually includes what appears to be an error message, such as: "The message cannot be represented in 7-bit ASCII encoding and has been sent as a binary attachment."

While many computer users have gotten wise to not opening executable files or other attachments that may contain viruses, the latest worm appears masks itself as a file that your computer appears unable to read.

"It's sneaking in a little bit different," said Sharon Ruckman, the head of anti-virus firm Symantec's security response team. "This one is almost begging you to click on the attachment."

When loaded, some versions of the worm launch Notepad and show random characters. At the same time it replicates itself and installs a "keystroke" program that allows a hacker to break in and record private data being typed on a computer, such as passwords or credit card numbers.

The worm sends out a slew of messages that prompted some companies to shut down their e-mail gateways in an effort to stop the infection, said Vincent Gullotto, who runs Network Associates' McAfee Anti-Virus Emergency Response Team.

At the same time, MyDoom appeared to launch a Denial of Service attack on the site for SCO Group, a California company which recently sued IBM, challenging that firm's intellectual property in parts of Linux. On Monday night, was down.

Anti-virus experts said MyDoom was on track to hit even more machines than Nimda, a 2001 worm that spread widely with an attachment that read "Readme.exe."

This time, besides the "binary attachment" message, MyDoom comes with all different file extensions including .pif, .zip and .csr. It also uses an attachment icon similar to one used for text messages in Windows. All of this, security experts warn, was succeeding in tricking people into thinking the e-mail was legitimate.

After a relative lull in the number of viruses distributed during the holidays, anti-virus experts expected Tuesday to be hectic as office workers fired-up their computers and unwittingly spread the worm.

Two other less prominent worms, Mimail.Q and Dumaru, were also making their way around the Internet late Monday.

Mimail.Q changes the body and attachment over time, but, for now, some of the e-mails containing the worm used the subject line: "Hi my sweet Nancy."

Dumaru comes with the subject line "Important information for you. Read it immediately!" and includes an attachment called

"The virus writers [are] ... back from vacation and they've started pushing out their creations," Gullotto warned.

I am going to use this for my current event

Post Information

  • Total Posts in this topic: 1 post
  • Users browsing this forum: No registered users and 38 guests
  • You cannot post new topics in this forum
  • You cannot reply to topics in this forum
  • You cannot edit your posts in this forum
  • You cannot delete your posts in this forum
  • You cannot post attachments in this forum

© 1998-2017. Ozzu® is a registered trademark of Unmelted, LLC.