AplusWebMaster

New MyDoom Worm

4 posts in this topic

FYI...from the Internet Storm Center:

 

- http://isc.sans.org/diary.php?date=2004-07-26

Updated July 26th 2004 19:30 UTC

"...The latest version of MyDoom, which started arriving in people's mailboxes in force today, uses search engines to find more recipients for its message. Once the virus is started, it searched the user's files for domain names. Once it spotted a domain name (e.g. '@example.com', or in 'www.example.com'), it will search various search engines for valid e-mail addresses within these domains. These search engines include Lycos, Google, Altavista, Yahoo and possibly others...Google and Lycos appear to have problems responding to queries as a result...Antivirus vendors are currently publishing updated signature files. Please update ASAP. Infected machines can be identified by looking for excessive traffic to search engines and smtp traffic. The virus is UPX packed..."

 

(...and is responsible for jamming much of the web today) :alarm:

 

--------------------------------

 

EDIT/ADD:

Symantec has developed a removal tool - updated to cover W32.Mydoom.M@mm

- http://securityresponse.symantec.com/avcen...moval.tool.html

Last Updated on: July 26, 2004 02:36:26 PM PDT

Edited by apluswebmaster


FYI...

 

MyDoom-O hits search engines hard

- http://isc.sans.org/diary.php?date=2004-07-26

Updated July 27th 2004 01:25 UTC

"Overview

The latest version of MyDoom, which started arriving in people's mailboxes in force today, uses search engines to find more recipients for its message. Once the virus is started, it searched the user's files for domain names. Once it spotted a domain name (e.g. 'example.com'), it will search various search engines for valid e-mail addresses within these domains. These search engines include Lycos, Google, Altavista, Yahoo and possibly others. Some of the search engines, in particular Google and Lycos, had problems handling the large number of queries. As a result, the search engines did not return any result, or returned error messages. These MyDoom e-mails arrive in a number of different forms. Some claim to be a bounce caused by a message the user sent earlier, others claim to be a message from the user's ISP claiming that the user sent spam and should run the attached file. The virus may be zipped or a plain executable...

Details

MyDoom creates the executable files C:\Windows\services.exe and java.exe, and executes them..."

 

>>> (More complete up-to-date details - please use the link!)


FYI...

 

- http://isc.sans.org/diary.php?date=2004-07-26

Updated July 27th 2004 15:11 UTC

"...Symantec reports that the 'Zindos.A' backdoor dropped by MyDoom-O is used by a worm that will attempt to DDOS microsoft.com. Infected systems will start the DDOS right after the worm is installed and will scan for other vulnerable systems. Infected systems can easily be identified by looking for port 1034 TCP scans..." ( http://isc.sans.org/port_details.php?port=1034 )

 

Removal tool

- http://securityresponse.symantec.com/avcen...moval.tool.html

Last Updated on: July 27, 2004 12:00:11 AM PDT

 

Also see:

- http://www.sarc.com./avcenter/venc/data/ba....zincite.a.html

Last Updated on: July 27, 2004 10:50:15 AM

- http://securityresponse.symantec.com/avcen...ydoom.m@mm.html

Last Updated on: July 27, 2004 12:51:55 PM

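Added example (not part of the original posts or the ISC diary): a small Python check over flow records for the two network indicators quoted in this thread, heavy search-engine traffic combined with SMTP, and TCP port 1034 scanning. The record format `(src, dst, dst_port)`, the thresholds and all sample addresses are assumptions constructed for illustration.

```python
from collections import defaultdict

# Search engines named in the quoted ISC diary text
SEARCH_ENGINES = ("google.com", "lycos.com", "altavista.com", "yahoo.com")
BACKDOOR_PORT = 1034  # TCP port the diary says infected hosts scan

def build_sample_flows():
    """Constructed flow records (src, dst, dst_port); not real traffic."""
    # 10.0.0.7: ordinary user, one search and one mail submission
    flows = [("10.0.0.7", "www.google.com", 80), ("10.0.0.7", "mail.corp.example", 25)]
    # 10.0.0.5: many search queries plus direct SMTP to many distinct hosts
    flows += [("10.0.0.5", "search.lycos.com", 80)] * 40
    flows += [("10.0.0.5", f"mx{i}.example.net", 25) for i in range(12)]
    # 10.0.0.9: sweeps a range of addresses on TCP 1034
    flows += [("10.0.0.9", f"192.0.2.{i}", BACKDOOR_PORT) for i in range(1, 30)]
    return flows

def is_search_engine(host):
    """Match the domain itself or any subdomain, but not look-alike suffixes."""
    return any(host == d or host.endswith("." + d) for d in SEARCH_ENGINES)

def find_suspects(flows, search_min=30, smtp_min=10, scan_min=20):
    """Return {src: [reasons]}; thresholds are illustrative assumptions."""
    searches = defaultdict(int)    # src -> count of search-engine requests
    smtp_dsts = defaultdict(set)   # src -> distinct SMTP destinations
    scan_dsts = defaultdict(set)   # src -> distinct port-1034 destinations
    for src, dst, port in flows:
        if port == 80 and is_search_engine(dst):
            searches[src] += 1
        elif port == 25:
            smtp_dsts[src].add(dst)
        elif port == BACKDOOR_PORT:
            scan_dsts[src].add(dst)
    suspects = defaultdict(list)
    for src, count in searches.items():
        # Require both signals: browsers search and mail servers send SMTP,
        # but a workstation doing both in volume matches the diary's description.
        if count >= search_min and len(smtp_dsts[src]) >= smtp_min:
            suspects[src].append("search+smtp")
    for src, dsts in scan_dsts.items():
        if len(dsts) >= scan_min:
            suspects[src].append("port-1034-scan")
    return dict(suspects)

if __name__ == "__main__":
    for host, reasons in sorted(find_suspects(build_sample_flows()).items()):
        print(host, ",".join(reasons))
```

Thresholds need tuning against a site's normal baseline; legitimate mail relays should be excluded from the SMTP count before alerting.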
