Video | Business Headlines | Internet | Science | Scientific Ethics | Technology | Search

 

Symantec Security Response 27 July 2004

Symantec Security Response - Tue, 27 July 2004

Symantec Security Response has identified a new variant of the Mydoom worm -- W32.Mydoom.M@mm. The worm was discovered today, July 26, and Symantec has upgraded this threat to a Level 4 (Level 5 being the most severe) due to increased submission rates.

At this time, Symantec has received a total of 728 submissions -- 129 of which are corporate submissions. Symantec's DeepSight Threat Analyst Team has also increased the ThreatCon to a Level 2 (Level 4 being the most severe). The Symantec ThreatCon provides a digital forecast of Internet activity, and a Level 2 rating signifies increased alertness.


W32.Mydoom.M@mm is a mass-mailing worm that opens a back door -- Backdoor.Zincite.A -- on port 1034/tcp and uses its own SMTP engine to spread through e-mail. If a machine becomes infected with W32.Mydoom.M@mm, it will allow the attacker to have remote, unauthorized access to the machine.

It will gather email addresses from files with .doc, .txt., .htm, and .html extensions. It will also query search.lycos.com, search.yahoo.com, www.altavista.com, and www.google.com to harvest additional e-mail addresses for possible distribution. When the worm finds an open Outlook window, it will attempt to send itself to the e-mail addresses it has found. This mass mailing may clog mail servers and downgrade system performance.

The worm's attachment will have a .cmd, .bat, .com, .exe, .pif, .scr, or .zip file extension, but the name of the attachment will vary. The From address will be spoofed, and the subject and body of the message will also vary (visit http://securityresponse.symantec.com/avcenter/venc/data/w32.mydoom.m@mm.ht ml for more details).

Symantec Security Response recommends that IT administrators filter attachments that are not on a list of approved types at the e-mail gateway and apply the Outlook E-mail Security Update (Q262631) in order to block user access to certain attachment types. This update will also notify the user of applications attempting to access the Outlook address book.

"As with past variants of Mydoom, both consumer and business computers can be affected by W32.Mydoom.M@mm," said Vincent Weafer, senior director, Symantec Security Response. "Due to its mass-mailing capabilities, W32.Mydoom.M@mm is spreading rapidly. In order to be fully protected, all users should take necessary steps to protect their systems, such as installing security patches, having up-to-date virus definitions, and refraining from opening attachments or suspicious e-mails."

ENDS

© Scoop Media

 
 
 
Business Headlines | Sci-Tech Headlines

 

ScoopPro: Helping The Education Sector Get More Out Of Scoop

The ScoopPro professional license includes a suite of useful information tools for professional users of Scoop including some specifically for those in the education sector to make your Scoop experience better. More>>

Big Tax Bill Due: Destiny Church Charities Deregistered

The independent Charities Registration Board has decided to remove Destiny International Trust and Te Hahi o Nga Matamua Holdings Limited from the Charities Register on 20 December 2017 because of the charities’ persistent failure to meet their annual return obligations. More>>

57 Million Users' Data: Uber Breach "Utterly Preventatable"

Cybersecurity leader Centrify says the Uber data breach of 57 million customer and driver records - which the ride-hailing company hid for more than a year - was “utterly preventable”. More>>

Scoop 3.0: How You Can Help Scoop’s Evolution

We have big plans for 2018 as we look to expand our public interest journalism coverage, upgrade our publishing infrastructure and offer even more valuable business tools to commercial users of Scoop. More>>

Having A Cow? Dairy Product Prices Slide For Fourth Straight Auction

Dairy product prices fell at the Global Dairy Trade auction, retreating for the fourth straight auction amid signs of increased production... Whole milk powder fell 2.7 percent to US$2,778 a tonne. More>>

ALSO:

Statistics: Butter At Record $5.67/Block; High Vegetable Prices

Rising dairy prices have pushed food prices up 2.7 percent in the year to October 2017, Stats NZ said today. This followed a 3.0 percent increase in the year to September 2017. More>>

ALSO:

Science: New Research Finds Herbicides Cause Antibiotic Resistance

New University of Canterbury research confirms that the active ingredients of the commonly used herbicides, RoundUp, Kamba and 2,4-D (glyphosate, dicamba and 2,4-D, respectively), each alone cause antibiotic resistance at concentrations well below label application rates. More>>

ALSO:

 
 
 
 
 
 
 
 
  • Bill Bennett on Tech