Copycat version of MSBlast worm already on the loose
It didn't take long for a quick copycat of MSBlaster to show its face. Wednesday, Moscow-based security firm Kaspersky Labs detected a variation of the MSBlast worm loose in the wild.
The worm, which has not yet been named, is a near doppelganger of MSBlast, with only slight changes. The name of the primary worm-carrier file--MSBLAST.EXE in the original--is now TEEKIDS.EXE. The variation's code has also been compressed with FSG rather than UPX, and a new string of text buried within the code takes different potshots at both Microsoft and anti-virus developers.
[ Read more ]
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.