BleepingComputer.com: Netsky AG - New variant in-the-wild

Jump to content

Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

Netsky AG - New variant in-the-wild

#1 User is offline   harrywaldron 

  • Security Reporter
  • PipPipPipPip
  • Find Topics
  • Group: Members
  • Posts: 509
  • Joined: 10-April 04
  • Gender:Male
  • Location:Roanoke, Virginia

  Posted 14 October 2004 - 06:36 AM

Even though the author has been arrested, new versions of this virus family continue to be developed. In fact Netsky.P reamins one of the worst email viruses since Klez.H.

As noted, Secunia provides a good summary of all AV vendors (as many have differing suffixes). Thankfully, this new variant remains low-risk by most AV vendors currently.

Secunia Information
http://secunia.com/virus_information/12662/

McAfee - W32/Netsky.ag@MM
http://vil.nai.com/vil/content/v_128905.htm

Symantec - W32.Netsky.AD@mm (currently rated Level 2)
http://www.sarc.com/avcenter/venc/data/w32.netsky.ad@mm.html
This variant of W32/Netsky is similar to previous variants. It bears the following characteristics:

* constructs messages using its own SMTP engine
* harvests email addresses from the victim machine
* spoofs the From: address of messages

Avoid all EMAIL attachments that end as follows:

.pif
.com
.scr
.bat
.zip
Microsoft Security Journal

#2 User is offline   harrywaldron 

  • Security Reporter
  • PipPipPipPip
  • Find Topics
  • Group: Members
  • Posts: 509
  • Joined: 10-April 04
  • Gender:Male
  • Location:Roanoke, Virginia

Posted 14 October 2004 - 12:10 PM

McAfee just went MEDIUM RISK with DAT 4399 issued
Microsoft Security Journal

Share this topic:


Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users