New Mass Mailing Virus

Published: 2004-02-17. Last Updated: 2004-02-18 14:50:49 UTC
by Deborah Hale (Version: 1)
0 comment(s)

New Mass Mailing Virus




A new mass mailing virus is spreading around the Internet today. Most of the Anti-Virus vendors are calling it Bagle.B. This virus harvests email addresses from infected computers and uses those addresses as the To: address while spoofing the From: address. The primary characteristics of the emails it sends are as follows:



* Subject: ID <random characters>... thanks

* Body:

* Yours ID <random characters>

* - -

* Thank

* Attachment: <random characters>.exe



If the attachment is opened, it will create a backdoor on tcp port 8866 and
will search 4 websites for email addresses to announce the IP address of
the infected computer to would-be hackers. Afterwards the infected
computer will start mass-mailing the virus laden emails to any email
addresses it finds on the infected computer.


Verify that your Anti-Virus software is up to date, and continue to practice safe computing practices. If you were not expecting the attachment don't touch it.


For more technical details please check the following websites.


Symantec - http://www.sarc.com/avcenter/venc/data/w32.alua@mm.html



McAfee - http://us.mcafee.com/virusInfo/default.asp?id=description&virus_k=101030

Sophos - http://www.sophos.com/virusinfo/analyses/w32tanxa.html


(or your favorite Anti-Virus Vendor's website)


Thanks to Scott Fendley for the use of this information.




New worms and viruses


Today has been a busy day for SysAdmin's. There has been an explosion of new worms and malware seen today. It is important for everyone to use extreme care for the next few days as this activity shakes out.



50% Increase in Email Fraud and Phishing in January


According to an article at finextra.com, " E-mail fraud and phishing scams grew by more than 50% in January, with an average of 5.7 new, unique attacks sent out to millions of consumers each day." Check out the article at

http://www.finextra.com/topstory.asp?id=11196




Handler on Duty

Deb Hale

haled@pionet.net
Keywords:
0 comment(s)

Comments


Diary Archives