InfoWeek reports new variations of Mytob worm circulating:
http://www.informationweek.com/story/showA...cleID=159907336
The worm spreads itself by mass emails often with the subject "mail transaction failed" or "error" and also spreads itself by exploiting the LSASS vulnerability in Windows which was patched by MS in April 2004.
See also:
http://news.zdnet.com/2100-1009_22-5644978.html
Regards,
John
Full Version: Eight variations of Mytob worm in five days
Yes, Sophos has been quite diligent in reporting them lately.
I'm certain other anti-virus/security companies have been also.
I believe each of the Mytob has had the filenames identified and they are in our
startup database now, having been added over the course of the last few weeks.
The database can respond to a query of the name of the trojan/virus/worm/etc.
(ie: Mytob) and you'll see we list the variants A, B, D, G, J, N & F.
It might also be mentioned that the Virus Alerts that Sophos emails on request
do not report them in alphabetical sequence.
Perhaps due to the way the testing is done.
It is basically A before D, but some variations exist.
You'll also note that clicking on the link to any particular malware type
will provide details, such as the vulnerability that is being exploited.
In regards to Sophos Virus Alert details, the advanced tab will explain the
processes each involves to the greatest degree.
Of course no better way of demonstrating the NEED for Windows Updates if you run that OS can be made, than to cite the effectiveness of any infection despite the "cure" being out there. I wish everyone updated regularly.
I'm certain other anti-virus/security companies have been also.
I believe each of the Mytob has had the filenames identified and they are in our
startup database now, having been added over the course of the last few weeks.
The database can respond to a query of the name of the trojan/virus/worm/etc.
(ie: Mytob) and you'll see we list the variants A, B, D, G, J, N & F.
It might also be mentioned that the Virus Alerts that Sophos emails on request
do not report them in alphabetical sequence.
Perhaps due to the way the testing is done.
It is basically A before D, but some variations exist.
You'll also note that clicking on the link to any particular malware type
will provide details, such as the vulnerability that is being exploited.
In regards to Sophos Virus Alert details, the advanced tab will explain the
processes each involves to the greatest degree.
QUOTE
exploiting the LSASS vulnerability in Windows which was patched by MS in April 2004.
Of course no better way of demonstrating the NEED for Windows Updates if you run that OS can be made, than to cite the effectiveness of any infection despite the "cure" being out there. I wish everyone updated regularly.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.