Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

MS04-011: MYTOB.AR - New MEDIUM RISK version


  • Please log in to reply
No replies to this topic

#1 harrywaldron

harrywaldron

    Security Reporter


  • Members
  • 509 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Roanoke, Virginia
  • Local time:07:50 PM

Posted 30 May 2005 - 05:36 PM

Trend and Secunia Virus Information have issued MEDIUM RISK alerts for MYTOB.AR

Click these urls below for more information:

MYTOB.AR - Secunia alert MEDIUM RISK

TREND MICRO - MEDIUM RISK

MYTOB.CU - Symantec

W32/Mytob.bh - McAfee (DAT 4502)

As of May 30, 2005 3:08 AM (PDT/GMT-7:00), TrendLabs has declared a MEDIUM risk alert in order to control the spread of WORM_MYTOB.AR. TrendLabs has received several infection reports indicating that this worm is currently spreading in Australia, China, Hongkong, India, Japan, Korea, Philippines, Taiwan, and the United States.

Similar to other MYTOB variants, this memory-resident worm propagates by sending a copy of itself as an attachment (file size is around 29,868 to 29,882 bytes) to an email message, which it sends to target recipients using its own Simple Mail Transfer Protocol (SMTP) engine.


Subject: (any of the following)
{Random}
*DETECTED* Online User Violation
*IMPORTANT* Please Validate Your Email Account
*IMPORTANT* Your Account Has Been Locked
*WARNING* Your Email Account Will Be Closed
Account Alert
Email Account Suspension
Important Notification
Notice of account limitation
Notice: **Last Warning**
Notice:***Your email account will be suspended***
Security measures
Your email account access is restricted
Your Email Account is Suspended For Security Reasons

Attachment: (any combination of the following file names and extension names)

File name:
{random}
account-details
document
document_full
email-doc
email-info
info
information
info-text
instructions
your_details

Extension name:
BAT
CMD
EXE
PIF
SCR
ZIP


Edited by harrywaldron, 30 May 2005 - 05:37 PM.


BC AdBot (Login to Remove)

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users