Weekly Virus Report - Opaserv, Oror and Mylka Worm
Posted on 04.11.2002
Over the last few days, three new malicious codes have been discovered. The first is variant H of the Opaserv worm. Opaserv.H (W32/Opaserv.H) has similar characteristics to its predecessors and its main aim is to infect other computers, especially if they are connected to a network. This malicious code also tries to connect to a website in order to update some of its components.

However, unlike the rest of the Opaserv variants, the file carrying Opaserv.H can vary in size and is compressed with the PCShrink utility, which as well as reducing the size of the virus also encrypts the infection code.

In order to install itself in other computers, Opaserv.H looks for vulnerable computers in the Internet, when it finds them it calls port 139 and spreads by copying itself in the C:\Windows directory under the name MARCO!.SCR.

Another worm detected by the Virus Laboratory over the last few days is Oror.B (W32/Oror.B). This malicious code is considered dangerous, as it could delete the content of all the disk drives in the affected computer. This worm is also capable of spreading rapidly via e-mail, mIRC and Kazaa, the popular file-sharing program.

The third malicious code is Mylka.A (W32/Mylka.A), another destructive worm that is capable of deleting Windows files and files related to applications including some antivirus programs.

Mylka.A uses social engineering techniques to spread via e-mail. The message and the name of the attached file carrying the worm have variable characteristics.





Spotlight

Operation Pawn Storm: Varied targets and attack vectors, next-level spear-phishing tactics

Posted on 23 October 2014.  |  Targets of the spear phishing emails included staff at the Ministry of Defense in France, in the Vatican Embassy in Iraq, military officials from a number of countries, and more.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Oct 24th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //