Weekly Virus Report - Opaserv, Oror and Mylka Worm
Posted on 04.11.2002
Over the last few days, three new malicious codes have been discovered. The first is variant H of the Opaserv worm. Opaserv.H (W32/Opaserv.H) has similar characteristics to its predecessors and its main aim is to infect other computers, especially if they are connected to a network. This malicious code also tries to connect to a website in order to update some of its components.

However, unlike the rest of the Opaserv variants, the file carrying Opaserv.H can vary in size and is compressed with the PCShrink utility, which as well as reducing the size of the virus also encrypts the infection code.

In order to install itself in other computers, Opaserv.H looks for vulnerable computers in the Internet, when it finds them it calls port 139 and spreads by copying itself in the C:\Windows directory under the name MARCO!.SCR.

Another worm detected by the Virus Laboratory over the last few days is Oror.B (W32/Oror.B). This malicious code is considered dangerous, as it could delete the content of all the disk drives in the affected computer. This worm is also capable of spreading rapidly via e-mail, mIRC and Kazaa, the popular file-sharing program.

The third malicious code is Mylka.A (W32/Mylka.A), another destructive worm that is capable of deleting Windows files and files related to applications including some antivirus programs.

Mylka.A uses social engineering techniques to spread via e-mail. The message and the name of the attached file carrying the worm have variable characteristics.


The synergy of hackers and tools at the Black Hat Arsenal

Posted on 27 August 2014.  |  Tucked away from the glamour of the vendor booths and the large presentation rooms filled with rockstar sessions, was the Arsenal - a place where developers were able to present their security tools and grow their community.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.


Fri, Aug 29th