Doolally
27-Jan-04, 19:22
This is a CBS News exert. I've had about 100 of these already today and it's doing my head in!!! Luckily enough I have Norton Antivirus 2004 and it seems to be getting rid of them when my email comes in.
One to Watch out for.
Cheers
Doolally
'High Alert' For New Internet Worm Jan. 27, 2004
(CBS) Anti-virus software companies are warning of a new e-mail worm that is "generating e-mail at a faster rate than SoBig," according to Network Associate's Megan Grentner. The company has classified the worm, dubbed "Mydoom" as "high alert." The worm is also known as "Novarg" or "W2.novarg."
Symantec has given Mydoom a rating of four on a five point scale. They have never issued a five, so the company considers it "a very serious threat," according to Sharon Ruckman, Symantec's Senior Director of Security Response.
The virus infects machines running Microsoft Windows. It does not go after Macintosh and other operating systems.
Although I haven't been infected, I've received several e-mails containing the virus, including two from fellow technology journalists. I would have been infected, had I clicked on the attached files.
The email containing the worm may look like a message from a system administrator with a subject line such as "Mail Delivery System," "Mail Transaction Failed" or "Test." The subject line might also say "hi" or something else. The message will contain an attached file and may also contain some text such as "The message contains Unicode characters and has been sent as a binary attachment" or "The message cannot be represented in 7-bit ASCII encoding and has been sent as a binary attachment."
The actual virus is contained in an executable attached file that could be a zip file such as "document.zip" or "doc.zip." You will become infected if you click on that attached file.
The virus, according to Ruckman, will plant a "key logging" program on your computer that can record your keystrokes and collect user names and passwords. It also opens up a backdoor to your system that makes it easier for a hacker to break in.
If your machine is infected, it will help spread the virus by sending it to people in your address book which is why I received copies of it from people I know.
Symantec says that it also launches a denial of service attack against the Web site of Santa Cruz Operations, a Lindon, Utah software company that is involved in legal actions against IBM and other companies regarding the Linux operating system. A spokesperson for Santa Cruz Operations would not confirm that the company has been under attack but the company's Web site, www.sco.com, was responding slowly Monday afternoon and Tuesday morning. There are some reports that the worm will cause infected computers to launch a denial of service attack against Santa Cruz Operations on Feb. 1.
The worm is having an impact on overall Internet performance according to Keynote Systems, a performance-monitoring firm in San Mateo, Calif. The company said that "The performance of the top 40 business Web sites in the United States slowed down with average download speeds averaging over 4.0 seconds," compared to a typical speed of 2 to 3 seconds.
Keynote said that performance improved Tuesday morning but was still slightly slower than normal.
Mydoom follows closely on the heels of the Bagel worm that spread through email systems last week.
As always, your best defense against viruses and worms includes never opening attached files - even if from someone you know - unless you are expecting them. You should also be running anti-virus software that is regularly updated over the Internet.
One to Watch out for.
Cheers
Doolally
'High Alert' For New Internet Worm Jan. 27, 2004
(CBS) Anti-virus software companies are warning of a new e-mail worm that is "generating e-mail at a faster rate than SoBig," according to Network Associate's Megan Grentner. The company has classified the worm, dubbed "Mydoom" as "high alert." The worm is also known as "Novarg" or "W2.novarg."
Symantec has given Mydoom a rating of four on a five point scale. They have never issued a five, so the company considers it "a very serious threat," according to Sharon Ruckman, Symantec's Senior Director of Security Response.
The virus infects machines running Microsoft Windows. It does not go after Macintosh and other operating systems.
Although I haven't been infected, I've received several e-mails containing the virus, including two from fellow technology journalists. I would have been infected, had I clicked on the attached files.
The email containing the worm may look like a message from a system administrator with a subject line such as "Mail Delivery System," "Mail Transaction Failed" or "Test." The subject line might also say "hi" or something else. The message will contain an attached file and may also contain some text such as "The message contains Unicode characters and has been sent as a binary attachment" or "The message cannot be represented in 7-bit ASCII encoding and has been sent as a binary attachment."
The actual virus is contained in an executable attached file that could be a zip file such as "document.zip" or "doc.zip." You will become infected if you click on that attached file.
The virus, according to Ruckman, will plant a "key logging" program on your computer that can record your keystrokes and collect user names and passwords. It also opens up a backdoor to your system that makes it easier for a hacker to break in.
If your machine is infected, it will help spread the virus by sending it to people in your address book which is why I received copies of it from people I know.
Symantec says that it also launches a denial of service attack against the Web site of Santa Cruz Operations, a Lindon, Utah software company that is involved in legal actions against IBM and other companies regarding the Linux operating system. A spokesperson for Santa Cruz Operations would not confirm that the company has been under attack but the company's Web site, www.sco.com, was responding slowly Monday afternoon and Tuesday morning. There are some reports that the worm will cause infected computers to launch a denial of service attack against Santa Cruz Operations on Feb. 1.
The worm is having an impact on overall Internet performance according to Keynote Systems, a performance-monitoring firm in San Mateo, Calif. The company said that "The performance of the top 40 business Web sites in the United States slowed down with average download speeds averaging over 4.0 seconds," compared to a typical speed of 2 to 3 seconds.
Keynote said that performance improved Tuesday morning but was still slightly slower than normal.
Mydoom follows closely on the heels of the Bagel worm that spread through email systems last week.
As always, your best defense against viruses and worms includes never opening attached files - even if from someone you know - unless you are expecting them. You should also be running anti-virus software that is regularly updated over the Internet.