Video | Business Headlines | Internet | Science | Scientific Ethics | Technology | Search

 

W32.Novarg.A@Mm Upgraded To Level 4 Threat

News Release

SYMANTEC SECURITY RESPONSE UPGRADES W32.NOVARG.A@MM
TO LEVEL 4 THREAT

New Mass-Mailing Worm Attempts to Launch a Denial-of-Service Attack Beginning February 1

Symantec, the world leader in Internet security, announced that it has upgraded the W32.Novarg.A@mm (also know as W32.Mydoom@mm) from a Level 3 to a Level 4 threat based on how fast the threat is spreading, the potential damage and the threat distribution. Additionally, the Symantec DeepSight Threat Analyst Team has increased the global ThreatCon from Level 1 to 2 due to the number of sample submissions Symantec has received and because of the malicious nature of the backdoor that the Trojan installed. Symantec’s ThreatCon rating provides a digital weather forecast of Internet Security.

Symantec Security Response is receiving submissions of W32.Novarg.A@mm at approximately the same rate it initially received submissions of Sobig.F@mm (discovered August 13, 2003). Yesterday, Symantec Security Response received more than 960 submissions of W32.Novarg.A@mm in a nine-hour timeframe.

Symantec customers can protect against W32. W32.Novarg.A@mm by updating their virus definitions through LiveUpdate. Additionally, the Worm Blocking technology found in the latest Symantec consumer products automatically detects this threat as it attempts to spread. Symantec Security Response encourages all users and administrators to adhere to basic security best practices.

About W32.Novarg.A@mm

W32.Novarg.A@mm is an encrypted mass-mailing worm that arrives as an attachment with a variety of different subject lines such as “hello,” “Mail Transaction Failed,” or “Test.” The attachment has one of the following extensions: .cmd, .exe, .scr., .zip, .pif, .bat, or .cmd. Once opened, the worm copies itself to the system folder as taskmon.exe and listens to all TCP ports in the range 3127 to 3198, allowing hackers to potentially send additional files to be executed by the infected systems.

The worm propagates by sending itself to addresses found in files with the extensions: .htm, .sht., .php, .asp, .dbx, .tbb, .adb., .pl, .wab, and .txt. It ignores addresses that end in .edu.

The worm will also attempt to perform a denial-of-service attack between Feb. 1 and Feb. 12, 2004 against www.sco.com. The worm creates 64 threads that send HTTP “GET” requests to the SCO site. SCO is a provider of software solutions for small- to medium-sized businesses and replicated branch offices.

Additional information on W32.Novarg@mm can be found on Symantec’s Web site at http://securityresponse.symantec.com/avcenter/venc/data/w32.novarg.a@mm.html.

About Symantec

Symantec, the world leader in Internet security technology, provides a broad range of content and network security software and appliance solutions to individuals, enterprises and service providers. The company is a leading provider of client, gateway and server security solutions for virus protection, firewall and virtual private network, vulnerability management, intrusion detection, Internet content and email filtering, and remote management technologies and security services to enterprises and service providers around the world. Symantec’s Norton brand of consumer security products is a leader in worldwide retail sales and industry awards. Headquartered in Cupertino, Calif., Symantec has worldwide operations in 38 countries.

###

NOTE TO EDITORS: If you would like additional information on Symantec Corporation and its products, please view the Symantec Press Center at http://www.symantec.com/PressCenter/ on Symantec’s Web site.
Symantec and the Symantec logo are trademarks or registered trademarks, in the United States and certain other countries, of Symantec Corporation. Additional company and product names may be trademarks or registered trademarks of the individual companies and are respectfully acknowledged.

© Scoop Media

 
 
 
Business Headlines | Sci-Tech Headlines

 

Mycoplasma Bovis: More Properties Positive

One of the latest infected properties is in the Hastings district, the other three are within a farming enterprise in Winton. The suspect property is near Ashburton. More>>

ALSO:

Manawatū Gorge Alternative: More Work Needed To Choose Route

“We are currently working closely and in partnership with local councils and other stakeholders to make the right long-term decision. It’s vital we have strong support on the new route as it will represent a very significant long-term investment and it will need to serve the region and the country for decades to come.” More>>

ALSO:

RBNZ: Super Fund Chief To Be New Reserve Bank Governor

Adrian Orr has been appointed as Reserve Bank Governor effective from 27 March 2018, Finance Minister Grant Robertson says. More>>

ALSO:

ScoopPro: Helping PR Professionals Get More Out Of Scoop

Scoop.co.nz has been a fixture of New Zealand’s news and Public Relations infrastructure for over 18 years. However, without the financial assistance of those using Scoop in a professional context in key sectors such as Public Relations and media, Scoop will not be able to continue this service... More>>

Insurance: 2017 Worst Year On Record For Weather-Related Losses

The Insurance Council of New Zealand (ICNZ) announced today that 2017 has been the most expensive year on record for weather-related losses, with a total insured-losses value of more than $242 million. More>>

ALSO: