Glad-I-Ate-Her

Here is some info about the latest email threat. Protect yourselves.

Glad

~~~~~~~~~~~~~~~~~~~
http://www.pcworld.com/news/article/0,aid,114461,00.asp

Mydoom Sets Speed Records

New worm is spreading faster than Sobig.F, experts say.

PC World
Paul Roberts, IDG News Service
Tuesday, January 27, 2004
Mydoom, a new computer virus spreading by e-mail, is breaking records for new infections, antivirus vendors and security companies say.

Infected e-mail messages carrying the Mydoom virus, also known as "Shimgapi" and "Novarg," have been intercepted from over 142 countries and now account for one in every 12 e-mail messages, according to Mark Sunner, chief technology officer at e-mail security company MessageLabs.

That surpasses the Sobig.F virus record, which appeared last August and, at its peak, was found in one of every 17 messages intercepted by MessageLabs, he says.

Since first detecting the new virus at 1:00 PM GMT on Monday, MessageLabs intercepted almost 1 million infected e-mail messages carrying the virus, Sunner says.

The virus has "followed the sun," hitting hard in the U.S. and Canada late on Monday, then working its way through Asia and Europe on Tuesday, he says.

F-Secure of Helsinki estimates that around 100,000 computers have been infected with Mydoom so far, says Mikko Hypponen, manager of antivirus research at F-Secure.

Antivirus experts expect another large wave of infections in the U.S. and Canada on Tuesday morning, as workers who missed the virus late Monday return to their desks, he says.

Tech Talk
The worm arrives as a file attachment in an e-mail with a variety of senders and subjects, such as "Hello," and "test." The message body is often technical sounding, imitating the look and feel of an automatically generated message from an e-mail server, Sunner says.

For example, some e-mail messages telling recipients that "the message contains unicode characters and has been sent as a binary attachment," or "The message cannot be represented in 7-bit ASCII encoding and has been sent as a binary attachment."

Users who click on the attachment, which uses a variety of file extensions such as ZIP, SCR, EXE, and PIF, are infected with the virus.

The technical pitch is a new twist on so-called "social engineering" techniques used by virus writers to trick users into opening malicious file attachments. Mydoom's authors may have been counting on the fact that people trust the authenticity of computer generated messages more than those purporting to come from other humans, Sunner says.

Mimicking the language of a computer-generated administrative message may have also helped Mydoom spread within large corporations, where employees are used to receiving such messages from administrative systems, according to David Perry, public education director at antivirus company Trend Micro.

Going to Work
Trend Micro saw evidence on Monday of infections from 12 of the Fortune 100 companies, he says.

Once inside such companies, Mydoom could use the enormous bandwidth of those corporate networks and huge e-mail address books as a "springboard" to the rest of the Internet, Perry says.

While Mydoom has shattered Sobig.F records, in many ways the two viruses are the same, antivirus experts agree.

Both viruses scan infected computers for e-mail addresses that are then targeted by infected e-mail. Also, both Sobig.F and Mydoom are small and contain highly efficient SMTP engines for sending out copies of themselves. The efficiency of their mail engines means that even a small number of infections can generate a massive amount of e-mail traffic, Hypponen says.

Finally, both Sobig.F and Mydoom contain a Trojan horse program that gives remote attackers full control of the infected system, he says.

In the case of Sobig.F, experts theorized that the virus was being used to assemble "zombie" networks of machines for distributing spam e-mail. A similar motive may be behind Mydoom, though the virus writer's intentions are not yet clear, says Perry.

__________________
I'm "Glad I Ate Her" because the payback was worth it!!

Turbine

Why is it that whenever these virii outbreaks occur I never get a single copy of it in my mailbox?

cheerios

'cuz you filter it, or your ISP does?

merkerguitars

Hehe thank god my isp has email protection built in

__________________
Donate now! Ask me How!

Please use the search function it is your friend.

Look at my mustang please feel free to comment!

http://www.tfproject.org/tfp/showthread.php?t=26985

Reese

Turbine, maybe because no one has you in their address book.

I'm just wondering why this is spreading so much faster, haven't these people learned anything from the huge infections that keep sweeping the world.

__________________
“It is better to be rich and healthy than poor and sick” - Dave Barry

sailor

I keep wondering the same thing. This virus has all but choked our campus email. I have gotten several infected emails, but Im not one to open random attachments.

__________________
"Good people do not need laws to tell them to act responsibly, while bad people will find a way around the laws."
--Plato

ratbastid

You know, I hate email virii as much as the next guy, but... This sucker is time-bombed to launch a massive DDoS against SCO. So I'm a little of-two-minds about it....

I hate to condone this sort of behavior. At the same time, it's going to hurt SCO.

brandon11983

This is why I'm glad I don't have any friends. I never get any shit like this.

__________________
Well behaved women rarely make history.

sailor

I felt the same at first, but then I realized that the last thing the linux community needs in this fight is the bad press that this will generate. Make no mistake, this virus, while entertaining, is a bad thing.

__________________
"Good people do not need laws to tell them to act responsibly, while bad people will find a way around the laws."
--Plato

mokle

That doesn't really matter. SCO deservers to be hurt in the courts. Virii hurt everyone in the process.

__________________
Mokle
"Your hands can't hit what your eyes can't see" -Ali

ApexgriN

Yay for MAC OSX!

suckers!

__________________
-
apexGrin

grumpyolddude

So, what part of "Don't open email from strangers" does the world not understand yet?

__________________
"Regret can be a harder pill to swallow than failure .With failure you at least know you gave it a chance..." David Howard

fik

Well a lot of viruses disguise the infected email into looking like it came from someone you know, someone that has your email in their address book.

Bivens

Your time will come.

Lebell

sigh,

just don't open attachments.

I never do, unless I confirm from the sender it's something I need.

__________________
"Of all tyrannies, a tyranny exercised for the good of its victims may be the most oppressive. It may be better to live under robber barons than under omnipotent moral busybodies. The robber baron's cruelty may sometimes sleep, his cupidity may at some point be satiated; but those who torment us for our own good will torment us without end, for they do so with the approval of their own conscience." – C. S. Lewis

The ONLY sponsors we have are YOU!

Please Donate!

skysooner

I got one at work, and they filter pretty heavily. Luckily I realized that an e-mail that says Hi and has a zip file attached from someone I don't know wasn't to be trusted. I passed it to IT, and they had most of it filtered pretty quickly.

omega2K4

You deserve to get a virus if you open e-mail attachments.

__________________
"While the State exists there can be no freedom. When there is freedom there will be no State." - Vladimir Ilyich Lenin

"Reason has always existed, but not always in a reasonable form."- Karl Marx

KWSN

Good for you guys, you don't get the virus!

All you need is a working OS now!

__________________
Your arms are broken!

numist

My friend received the email in linux, realized what it was, and installed windows just so he could be part of the ddos.

I think I may contract it myself for the same purpose.

After all, the ends justify te means, do they not?
and KWSN - HAHAHAHAHAHA

bermuDa

A client of mine had about 35 quarantined e-mails that might've had the virus. No damage was done but he was still freaked out over it.

__________________
I am the very model of a moderator gentleman.

Redlemon

The damn thing is also inventing its own TO addresses. I have a domain, and I'm receiving about 10 a day to addresses that I've never set up.

__________________
I can't read your signature. Sorry.

tinfoil

Indeed it is, redlemon.

This one came on fast and tapered off fast as well. At work here, the gateway was picking them off at a rate of 6 a minute at it's peak, then tapering off to about 1 a minute for most of yesterday night and this AM.

All of a sudden they stopped. Very wierd.

__________________
Get off your fuckin cross. We need the fuckin space to nail the next fool martyr.

hawkeye

*rereads*
*falls off chair laughing*

__________________
You're not fat,
You're just a giant ball
of love, covered in anger.

Crack

Hell, open all e-mails from strangers! Just don't open the attachment, that's all.

__________________
Crack, you and I are long overdue for a vicious bout of mansex.

~Halx

merkerguitars

Yeah I don't get some people.....it's common sense that I wish most people had

__________________
Donate now! Ask me How!

Please use the search function it is your friend.

Look at my mustang please feel free to comment!

http://www.tfproject.org/tfp/showthread.php?t=26985

runman

Go out and buy a decent operating system eh? You could drive a truck throught the sloppy mess that is windoze!

one OS to rule them all... X

teseniarkc

I think SCo deserves this. How are they going to sue when Linux is virtually built by everyday users that download it off of the internet and send back improvements to make the OS better. WTF! Every OS that I have seen steals from the other. Look at Bill Gates for example. He lied, cheated, and now he is rich. That is the way this world works. I don't know how this is going to be proved the amount of line code there is.

indiretto

What is SCO? A virus hit my comp yesterday. I don't know if it was this one, I rarely use e-mail but I have a friend who was checking his on my computer yesterday. What ever hit my computer fraged my whole computer. I lost everything and had to write zeros to my HD, bummer for me. So far my HD and computer seem to be doing ok with the reinstall though. As for all you Linux users out there I'm still playing with it. I’m impressed with how far Linux has come in the last few years; soon it will be as easy to use, and as compatible as Windows, its pretty close now, keep up the good work.

__________________
Happy Tree Friends... It’s more fun than a stick.

Jizzosh

Wow, I'm soo glad I don't do the security engineer thing anymore. Otherwise I'd be looking at those 12 hour days.

__________________
I'm never gonna know you now...
but I'm gonna love you anyhow
-Elliott Smith

viper11885

Luckily, I don't open any attachments which I don't expect. Even from friends. But we usually do things over icq so I know what is going to be sent as an attachment by email. Helps keep things more secure as I don't need to open any emails at all that I don't expect.

riptide4070

no virus on my cpu, better knock on wood though

__________________
"the greatest trick the devil ever pulled, was making the world believe he didn't exist" -Kevin Spacey 'The Usual Suspects'

soccerchamp76

Could someone explain this thing between ddos, SCO, Linux, Windows, etc?
I have read all of these in this thread and I am very lost. What was the virus designed for? And what does it do on the site.


Edit: Googled and found out that it is an attack on the SCO site because of the lawsuit between Linux open-sourcer's and SCO.

If you have the virus, how will you know you have it and what does it do?

__________________
Brian Griffin: Ah, if my memory serves me, this is the physics department.
Chris Griffin: That would explain all the gravity.

santafe5000

Guess this could also explain the slowness of the net foe the pasrt few days. My pages have been very slow in loading. Several times i couldn't log onto MSN. Lots of emails clogging the system. Haven't gotten any of the e-mails myself. Good VS program.

__________________
When all else fails, QUIT.

punx1325

My internet at school goes down daily because of this virus. The bastards that create these viruses need to be drug out in the street and shot. I have 2 online classes and can never get any work done. What is wrong with these people who have nothing better to do than make other peoples life hell???

__________________
If something seems too good to be true, then it probably is....

Blistex

When are people gonna get it through their head that jokes attached to e-mails are seldom funny and are not worth the cost of re-installing your pc and having to explain to the boss why every computer in the office is now fragged!

Women are the worst. I used to have a summer job at an office and every day they'd open the same attachments and every day norton would go ape shit trying to keep up.

jwells777

Honestly in the past, if you didn't want your computer infected, it was relatively easy to avoid being infected. These days...computers are infected so quickly and easily. This summer I had to reinstall my research computer due to the blaster worm. While reinstalling, and before I could apply the patch, the computer was infected again...so irritating.