Beware of The New Version of Mydoom Worm
Posted on 29.01.2004
Kaspersky Labs , a leading information security software developer has detected a new version of Mydoom, the latest Internet worm - Mydoom.b

Kaspersky Labs has already received several reports of infections by this malicious program. Our analysts believe that Mydoom.b is probably using machines infected by the original Mydoom to propagate. Therefore, the computer community may be facing a much more serious outbreak than the one caused by Mydoom.a yesterday, January 27.

At this time Kaspersky Labs is analyzing Mydoom.b. Like its predecessor, the worm spreads via email and the KaZaA file-sharing network. The carrier is about 28 KB in size and contains the following text: "sync-1.01; andy; I'm just doning my job, nothing personal, sorry". Moreover, the worm now performs DDoS attach not only at www.sco.com but also to www.microsoft.com.

The worm modifies the standard 'hosts' file in the Windows folder the way a user cannot access some sites (including security-related web-sites):

engine.awaps.net awaps.net www.awaps.net ad.doubleclick.net spd.atdmt.com atdmt.com click.atdmt.com clicks.atdmt.com media.fastclick.net fastclick.net www.fastclick.net ad.fastclick.net ads.fastclick.net banner.fastclick.net banners.fastclick.net www.sophos.com sophos.com ftp.sophos.com f-secure.com www.f-secure.com ftp.f-secure.com securityresponse.symantec.com www.symantec.com symantec.com service1.symantec.com liveupdate.symantec.com update.symantec.com updates.symantec.com support.microsoft.com downloads.microsoft.com download.microsoft.com windowsupdate.microsoft.com office.microsoft.com msdn.microsoft.com go.microsoft.com nai.com www.nai.com vil.nai.com secure.nai.com www.networkassociates.com networkassociates.com avp.ru www.avp.ru www.kaspersky.ru www.viruslist.ru viruslist.ru avp.ch www.avp.ch www.avp.com avp.com us.mcafee.com mcafee.com www.mcafee.com dispatch.mcafee.com download.mcafee.com mast.mcafee.com www.trendmicro.com www3.ca.com ca.com www.ca.com www.my-etrust.com my-etrust.com ar.atwola.com phx.corporate-ir.net





Spotlight

Targeted attack protection via network topology alteration

Posted on 17 October 2014.  |  This article from Trend Micro tackles how network topology can aid in defending the enterprise network from risks posed by targeted attacks.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Mon, Oct 20th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //