Video | Business Headlines | Internet | Science | Scientific Ethics | Technology | Search

 


W32.Sobig.F@mm – Upgraded To Level 3 Threat

Symantec Security Response - W32.Sobig.F@mm - Level 3 threat

W32.Sobig.F@mm

Due to the number of submissions received from customers, Symantec Security Response has upgraded this threat to a Category 3 (moderate) from a Category 2 threat. This worm is mostly affecting the consumer user. Symantec Security Response expects that this worm will continue to spread at a steady pace for the next 2-3 days. W32.Sobig.F@mm is a mass-mailing, network-aware worm that sends itself to all the email addresses that it finds in the files with the following extensions:

.dbx
.eml
.hlp
.htm
.html
.mht
.wab
.txt

The worm utilises it's own SMTP engine to propagate and will attempt to create a copy of itself on accessible network shares. The email will have a Spoofed address (which means that the sender in the "From" field is most likely not the real sender). The worm may use the address admin@internet.com as the sender.


* Re: Details
* Re: Approved
* Re: Re: My details
* Re: Thank you!
* Re: That movie
* Re: Wicked screensaver
* Re: Your application
* Thank you!
* Your details

Body:
* See the attached file for details
* Please see the attached file for details.

Attachment:
* your_document.pif
* document_all.pif
* thank_you.pif
* your_details.pif
* details.pif
* document_9446.pif
* application.pif
* wicked_scr.scr
* movie0045.pif


NOTE: The worm de-activates on September 10, 2003. The last day on which the worm will spread is September 9, 2003.

Definitions for this worm were posted via LiveUpdate and Intelligent Updater on August 19th. Additional technical details and a removal tool for this worm may be found at - http://securityresponse.symantec.com/avcenter/venc/data/w32.sobig.f@mm.html

W32.Welchia.Worm Update

Current Submission numbers - 305 total, 42 corporate.

Because W32.Welchia.Worm and W32.Blaster.Worm use the same vulnerability, DeepSight cannot differentiate the infections at this time. (Total number of infected systems for both these worms is currently 630,000.) Symantec Security Response has received confirmation that large enterprise customers are still being impacted greatly by this worm internally. The clean-up period will be at least weeks to months before systems are repaired.


© Scoop Media

 
 
 
 
 
Business Headlines | Sci-Tech Headlines

 

Half A Billion Accounts: Yahoo Confirms Huge Data Breach

The account information may have included names, email addresses, telephone numbers, dates of birth, hashed passwords (the vast majority with bcrypt) and, in some cases, encrypted or unencrypted security questions and answers. More>>

Rural Branches: Westpac To Close 19 Branches, ANZ Looks At 7

Westpac confirms it will close nineteen branches across the country; ANZ closes its Ngaruawahia branch and is consulting on plans to close six more branches; The bank workers union says many of its members are nervous about their futures and asking ... More>>

Interest Rates: RBNZ's Wheeler Keeps OCR At 2%

Reserve Bank governor Graeme Wheeler kept the official cash rate at 2 percent and said more easing will be needed to get inflation back within the target band. More>>

ALSO:

Half Full: Fonterra Raises Forecast Payout As Global Supply Shrinks

Fonterra Cooperative Group, the dairy processor which will announce annual earnings tomorrow, hiked its forecast payout to farmers by 50 cents per kilogram of milk solids as global supply continues to decline, helping prop up dairy prices. More>>

ALSO:

Results:

Meat Trade: Silver Fern Farms Gets Green Light For Shanghai Maling Deal

The government has given the green light for China's Shanghai Maling Aquarius to acquire half of Silver Fern Farms, New Zealand's biggest meat company, with ministers satisfied it will deliver "substantial and identifiable benefit". More>>

ALSO:

Get More From Scoop

 
 
 
 
 
 
 
 
 
Sci-Tech
Search Scoop  
 
 
Powered by Vodafone
NZ independent news