Tilted Forum Project Discussion Community


Glad-I-Ate-Her 01-27-2004 03:55 PM

Mydoom Worm Sets Speed Records
 
Here is some info about the latest email threat. Protect yourselves.

Glad

~~~~~~~~~~~~~~~~~~~
http://www.pcworld.com/news/article/0,aid,114461,00.asp

Mydoom Sets Speed Records

New worm is spreading faster than Sobig.F, experts say.

PC World
Paul Roberts, IDG News Service
Tuesday, January 27, 2004
Mydoom, a new computer virus spreading by e-mail, is breaking records for new infections, antivirus vendors and security companies say.

Infected e-mail messages carrying the Mydoom virus, also known as "Shimgapi" and "Novarg," have been intercepted from over 142 countries and now account for one in every 12 e-mail messages, according to Mark Sunner, chief technology officer at e-mail security company MessageLabs.

That surpasses the Sobig.F virus record, which appeared last August and, at its peak, was found in one of every 17 messages intercepted by MessageLabs, he says.

Since first detecting the new virus at 1:00 PM GMT on Monday, MessageLabs intercepted almost 1 million infected e-mail messages carrying the virus, Sunner says.

The virus has "followed the sun," hitting hard in the U.S. and Canada late on Monday, then working its way through Asia and Europe on Tuesday, he says.

F-Secure of Helsinki estimates that around 100,000 computers have been infected with Mydoom so far, says Mikko Hypponen, manager of antivirus research at F-Secure.

Antivirus experts expect another large wave of infections in the U.S. and Canada on Tuesday morning, as workers who missed the virus late Monday return to their desks, he says.

Tech Talk
The worm arrives as a file attachment in an e-mail with a variety of senders and subjects, such as "Hello," and "test." The message body is often technical sounding, imitating the look and feel of an automatically generated message from an e-mail server, Sunner says.

For example, some e-mail messages tell recipients that "the message contains unicode characters and has been sent as a binary attachment," or "The message cannot be represented in 7-bit ASCII encoding and has been sent as a binary attachment."

Users who click on the attachment, which uses a variety of file extensions such as ZIP, SCR, EXE, and PIF, are infected with the virus.

The technical pitch is a new twist on so-called "social engineering" techniques used by virus writers to trick users into opening malicious file attachments. Mydoom's authors may have been counting on the fact that people trust the authenticity of computer generated messages more than those purporting to come from other humans, Sunner says.

Mimicking the language of a computer-generated administrative message may have also helped Mydoom spread within large corporations, where employees are used to receiving such messages from administrative systems, according to David Perry, public education director at antivirus company Trend Micro.

Going to Work
Trend Micro saw evidence on Monday of infections from 12 of the Fortune 100 companies, he says.

Once inside such companies, Mydoom could use the enormous bandwidth of those corporate networks and huge e-mail address books as a "springboard" to the rest of the Internet, Perry says.

While Mydoom has shattered Sobig.F records, in many ways the two viruses are the same, antivirus experts agree.

Both viruses scan infected computers for e-mail addresses that are then targeted by infected e-mail. Also, both Sobig.F and Mydoom are small and contain highly efficient SMTP engines for sending out copies of themselves. The efficiency of their mail engines means that even a small number of infections can generate a massive amount of e-mail traffic, Hypponen says.

Finally, both Sobig.F and Mydoom contain a Trojan horse program that gives remote attackers full control of the infected system, he says.

In the case of Sobig.F, experts theorized that the virus was being used to assemble "zombie" networks of machines for distributing spam e-mail. A similar motive may be behind Mydoom, though the virus writer's intentions are not yet clear, says Perry.
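Added example (not part of the original post or the PC World article): a minimal mail-gateway check built on the delivery traits the article describes, namely the ZIP, SCR, EXE and PIF attachment extensions and the two fake mail-server notices it quotes. The function names, verdict labels and sample messages are assumptions constructed for illustration.

```python
import email
from email import policy
from email.message import EmailMessage

# Attachment extensions the article lists for Mydoom.
RISKY_EXTENSIONS = {".zip", ".scr", ".exe", ".pif"}
# Body phrases quoted in the article, lowercased for matching.
LURE_PHRASES = (
    "the message contains unicode characters and has been sent as a binary attachment",
    "the message cannot be represented in 7-bit ascii encoding and has been sent as a binary attachment",
)

def score_message(raw_bytes):
    """Return (verdict, reasons) for one raw message as a gateway would see it."""
    msg = email.message_from_bytes(raw_bytes, policy=policy.default)
    reasons = []
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").strip().lower()
        dot = name.rfind(".")
        # Only the final extension matters, so "readme.txt.pif" is still caught.
        if dot != -1 and name[dot:] in RISKY_EXTENSIONS:
            reasons.append("attachment:" + name)
    body = msg.get_body(preferencelist=("plain",))
    # Collapse whitespace so wrapped lines still match the phrases.
    text = " ".join(body.get_content().lower().split()) if body else ""
    lure = any(phrase in text for phrase in LURE_PHRASES)
    if lure:
        reasons.append("lure:fake mail-server notice")
    if reasons and reasons[0].startswith("attachment:"):
        # ZIP is common in legitimate mail, so an extension alone only holds
        # the message for review; extension plus lure text is quarantined.
        return ("quarantine" if lure else "hold"), reasons
    return "deliver", reasons

def build_sample(subject, body, filename=None):
    """Constructed test message; the attachment bytes are inert placeholder text."""
    m = EmailMessage()
    m["From"] = "sender@example.com"
    m["To"] = "user@example.org"
    m["Subject"] = subject
    m.set_content(body)
    if filename:
        m.add_attachment(b"inert placeholder", maintype="application",
                         subtype="octet-stream", filename=filename)
    return m.as_bytes()

if __name__ == "__main__":
    lure = "The message contains Unicode characters and has been sent as a binary attachment."
    print(score_message(build_sample("test", lure, "document.zip")))
    print(score_message(build_sample("Hello", "see attached", "readme.txt.pif")))
    print(score_message(build_sample("Hello", "lunch at noon?")))
```
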

Turbine 01-27-2004 04:30 PM

Why is it that whenever these virii outbreaks occur I never get a single copy of it in my mailbox?

cheerios 01-27-2004 04:35 PM

'cuz you filter it, or your ISP does?

merkerguitars 01-27-2004 04:35 PM

Hehe thank god my isp has email protection built in :)

Reese 01-27-2004 04:38 PM

Turbine, maybe because no one has you in their address book.

I'm just wondering why this is spreading so much faster, haven't these people learned anything from the huge infections that keep sweeping the world.

sailor 01-27-2004 05:49 PM

Quote:

Originally posted by cybermike
Turbine, maybe because no one has you in their address book.

I'm just wondering why this is spreading so much faster, haven't these people learned anything from the huge infections that keep sweeping the world.

I keep wondering the same thing. This virus has all but choked our campus email. I have gotten several infected emails, but I'm not one to open random attachments.

ratbastid 01-27-2004 05:51 PM

You know, I hate email virii as much as the next guy, but... This sucker is time-bombed to launch a massive DDoS against SCO. So I'm a little of-two-minds about it....

I hate to condone this sort of behavior. At the same time, it's going to hurt SCO.

brandon11983 01-27-2004 06:21 PM

This is why I'm glad I don't have any friends. I never get any shit like this.

sailor 01-27-2004 07:18 PM

Quote:

Originally posted by ratbastid
You know, I hate email virii as much as the next guy, but... This sucker is time-bombed to launch a massive DDoS against SCO. So I'm a little of-two-minds about it....

I hate to condone this sort of behavior. At the same time, it's going to hurt SCO.

I felt the same at first, but then I realized that the last thing the linux community needs in this fight is the bad press that this will generate. Make no mistake, this virus, while entertaining, is a bad thing.

mokle 01-27-2004 07:24 PM

Quote:

Originally posted by ratbastid
You know, I hate email virii as much as the next guy, but... This sucker is time-bombed to launch a massive DDoS against SCO. So I'm a little of-two-minds about it....

I hate to condone this sort of behavior. At the same time, it's going to hurt SCO.

That doesn't really matter. SCO deserves to be hurt in the courts. Virii hurt everyone in the process.

ApexgriN 01-27-2004 07:27 PM

Yay for MAC OSX!

suckers! ;)

grumpyolddude 01-27-2004 09:23 PM

So, what part of "Don't open email from strangers" does the world not understand yet?

fik 01-27-2004 10:06 PM

Quote:

Originally posted by grumpyolddude
So, what part of "Don't open email from strangers" does the world not understand yet?

Well a lot of viruses disguise the infected email into looking like it came from someone you know, someone that has your email in their address book.

Bivens 01-27-2004 10:53 PM

Quote:

Originally posted by ApexgriN
Yay for MAC OSX!

suckers! ;)

Your time will come.

Lebell 01-27-2004 10:58 PM

sigh,

just don't open attachments.

I never do, unless I confirm from the sender it's something I need.

skysooner 01-28-2004 07:19 AM

I got one at work, and they filter pretty heavily. Luckily I realized that an e-mail that says Hi and has a zip file attached from someone I don't know wasn't to be trusted. I passed it to IT, and they had most of it filtered pretty quickly.

omega2K4 01-28-2004 07:39 AM

You deserve to get a virus if you open e-mail attachments.

KWSN 01-28-2004 08:27 AM

Quote:

Originally posted by ApexgriN
Yay for MAC OSX!

suckers! ;)

Good for you guys, you don't get the virus!

All you need is a working OS now!

numist 01-28-2004 08:30 AM

My friend received the email in linux, realized what it was, and installed windows just so he could be part of the ddos.

I think I may contract it myself for the same purpose.

After all, the ends justify the means, do they not? :p
and KWSN - HAHAHAHAHAHA :lol:

bermuDa 01-28-2004 09:47 AM

A client of mine had about 35 quarantined e-mails that might've had the virus. No damage was done but he was still freaked out over it.

Redlemon 01-28-2004 09:48 AM

The damn thing is also inventing its own TO addresses. I have a domain, and I'm receiving about 10 a day to addresses that I've never set up.

tinfoil 01-28-2004 11:21 AM

Indeed it is, redlemon.

This one came on fast and tapered off fast as well. At work here, the gateway was picking them off at a rate of 6 a minute at its peak, then tapering off to about 1 a minute for most of yesterday night and this AM.

All of a sudden they stopped. Very weird.

hawkeye 01-28-2004 11:29 AM

Quote:

Originally posted by KWSN
Good for you guys, you don't get the virus!

All you need is a working OS now!

*rereads*
*falls off chair laughing*

Crack 01-28-2004 05:34 PM

Quote:

Originally posted by grumpyolddude
So, what part of "Don't open email from strangers" does the world not understand yet?

Hell, open all e-mails from strangers! Just don't open the attachment, that's all.

merkerguitars 01-28-2004 09:23 PM

Quote:

Originally posted by grumpyolddude
So, what part of "Don't open email from strangers" does the world not understand yet?

Yeah I don't get some people.....it's common sense that I wish most people had :(

runman 01-29-2004 02:33 AM

Go out and buy a decent operating system eh? You could drive a truck through the sloppy mess that is windoze!

one OS to rule them all... X

teseniarkc 01-29-2004 05:59 AM

I think SCO deserves this. How are they going to sue when Linux is virtually built by everyday users that download it off of the internet and send back improvements to make the OS better. WTF! Every OS that I have seen steals from the other. Look at Bill Gates for example. He lied, cheated, and now he is rich. That is the way this world works. I don't know how this is going to be proved the amount of line code there is.

indiretto 01-31-2004 12:38 AM

What is SCO? A virus hit my comp yesterday. I don't know if it was this one, I rarely use e-mail but I have a friend who was checking his on my computer yesterday. Whatever hit my computer fragged my whole computer. I lost everything and had to write zeros to my HD, bummer for me. So far my HD and computer seem to be doing ok with the reinstall though. As for all you Linux users out there I'm still playing with it. I'm impressed with how far Linux has come in the last few years; soon it will be as easy to use, and as compatible as Windows, it's pretty close now, keep up the good work.

Jizzosh 01-31-2004 01:49 PM

Wow, I'm soo glad I don't do the security engineer thing anymore. Otherwise I'd be looking at those 12 hour days.

viper11885 01-31-2004 02:16 PM

Luckily, I don't open any attachments which I don't expect. Even from friends. But we usually do things over icq so I know what is going to be sent as an attachment by email. Helps keep things more secure as I don't need to open any emails at all that I don't expect.

riptide4070 01-31-2004 06:40 PM

no virus on my cpu, better knock on wood though

soccerchamp76 01-31-2004 07:11 PM

Could someone explain this thing between ddos, SCO, Linux, Windows, etc?
I have read all of these in this thread and I am very lost. What was the virus designed for? And what does it do on the site.


Edit: Googled and found out that it is an attack on the SCO site because of the lawsuit between Linux open-sourcers and SCO.

If you have the virus, how will you know you have it and what does it do?

santafe5000 01-31-2004 08:39 PM

Guess this could also explain the slowness of the net for the past few days. My pages have been very slow in loading. Several times I couldn't log onto MSN. Lots of emails clogging the system. Haven't gotten any of the e-mails myself. Good VS program.

punx1325 02-01-2004 12:58 PM

My internet at school goes down daily because of this virus. The bastards that create these viruses need to be drug out in the street and shot. I have 2 online classes and can never get any work done. What is wrong with these people who have nothing better to do than make other people's lives hell???

Blistex 02-01-2004 10:19 PM

When are people gonna get it through their head that jokes attached to e-mails are seldom funny and are not worth the cost of re-installing your pc and having to explain to the boss why every computer in the office is now fragged!

Women are the worst. I used to have a summer job at an office and every day they'd open the same attachments and every day norton would go ape shit trying to keep up.

jwells777 02-01-2004 10:32 PM

Honestly in the past, if you didn't want your computer infected, it was relatively easy to avoid being infected. These days...computers are infected so quickly and easily. This summer I had to reinstall my research computer due to the blaster worm. While reinstalling, and before I could apply the patch, the computer was infected again...so irritating.


All times are GMT -8. The time now is 04:37 AM.
