Aces High Bulletin Board
General Forums => The O' Club => Topic started by: vorticon on January 27, 2004, 10:24:25 AM
-
http://www.cbc.ca/stories/2004/01/27/mydoom_virus040127'
"Worm spreading rapidly across internet
Last Updated Tue, 27 Jan 2004 11:02:34
TORONTO - A new computer worm is spreading rapidly across the internet, threatening to clog e-mail systems and open a back door for hackers to get into personal computers.
The MyDoom worm, also known as Novarg, comes as an e-mail attachment. Since late Monday, it has been spreading at a rate that rivals last year's Sobig worm.
Some companies have reported getting bombarded with hundreds of e-mails a minute.
Once a computer is infected, the worm copies itself and sends out hundreds of e-mails. It also opens a back door into the host system that could allow a hacker to access or even take control of the computer.
The worm tries to put files into the folder used by the Kazaa file-sharing program, if it exists on the infected computer.
Anti-virus software maker Symantec says the worm also appears ready to launch a denial of service attack from Feb. 1 to Feb. 12.
The worm affects computers running Microsoft Windows versions 95 to XP.
Infected e-mails come with a random subject line, often including phrases such as "Test," "Mail Delivery System'' or "Mail Transaction Failed.'' The attachment could have any of the following file extensions: .bat, .cmd, .exe, .pif, .scr, or .zip.
Clicking on the attachment launches the malicious program.
Computer users are advised to delete the attachment without opening it, and to update their anti-virus software in case they accidentally open an infected attachment.
In August, the Sobig worm cost companies millions of dollars as they struggled to fight it off. "
Written by CBC News Online staff
-
I just got the one labled test with a .doc zipped file attatched. Fotunately since I didn't recognise the sender I automatically deleted it anyhow. This is getting to be a major freaking problem. I hope the originator of this crap gets put away.:mad:
-
I just read on CNET that 1 in every 12 emails currently moving across the web was a result of the worm (according to a monitoring company). Scary :(
-
I got about 10 worm emails today. here is some more info from our IS dept.:
If you receive the following email please delete it immediately and do not open the attachment. If you have received this e-mail and have opened the attachment please call the helpdesk @ 6330.
SUBJECT:
Error
Status
Server Report
Mail Transaction Failed
Mail Delivery System
hello
hi
BODY: (Varies, such as)
The message cannot be represented in 7-bit ASCII encoding and has been sent as a binary attachment.
The message contains Unicode characters and has been sent as a binary attachment.
Mail transaction failed. Partial message is available.
Attachment: (varies [.bat, .exe, .pif, .cmd, .scr] - often arrives in a ZIP archive) (22,528 bytes)
examples (common names, but can be random)
doc.bat
document.zip
message.zip
readme.zip
text.pif
hello.cmd
body.scr
test.htm.pif
data.txt.exe
file.scr
-
you can dw it manually at the norton website then it will remove any mails with those attachments.
edit : I mean the fix for it ofcourse :D
-
yeah, it's evidently set up to do a ddos on SCO. this really doesn't help matters with that, unfortunately.
I got 4 of them sent to my raf303 account, and one rejected message (sans attachment) bounced back to said account. It's a forwarding address.