Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

MyTob Worm


  • Please log in to reply
1 reply to this topic

#1 Starbuck

Starbuck

    'r Brudiwr


  • Malware Response Team
  • 4,150 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Midlands, UK
  • Local time:12:30 PM

Posted 13 June 2005 - 02:31 AM

just had an email for Tiscali about the MyTob Worm

This week has seen the outbreak of a new worm called the MyTob worm. To Lineone customers the email uses forged lineone.net email addresses to make the email look genuine. Genuine emails sent from Tiscali do not contain attachments. The forged emails typically appear to be sent from admin@lineone.net, info@lineone.net, support@lineone.net or similar and they contain an attachment that you are encouraged to click on. DO NOT click on any such attachment and resist the temptation to even open such suspicious mail if it contains an attachment. Message subjects to be wary of include:

- YOUR EMAIL ACCOUNT IS SUSPENDED FOR SECURITY REASONS
- Account Alert
- Security measures
- Fw: Notice: **Last Warning**
- DETECTED* Online User Violation
- Important Notification
- *WARNING* Your Email Account Will Be Closed


BBPP6nz.png


BC AdBot (Login to Remove)

 


#2 KoanYorel

KoanYorel

    Bleepin' Conundrum


  • Members
  • 19,461 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:65 miles due East of the "Logic Free Zone", in Md, USA
  • Local time:07:30 AM

Posted 13 June 2005 - 03:10 AM

The latest Mytob attacks send out an e-mail message that contains a fake URL pointing to a Web site that hosts the malicious worm code, security company Sophos said Wednesday. Previously, the worm propagated as an attachment in the message itself. Once the worm was downloaded, it installed a backdoor on a PC and used its own e-mail engine to forward itself to addresses gathered from the infected computer.


More at "Mytob worm picks up phishing trick"
The only easy day was yesterday.

...some do, some don't; some will, some won't (WR)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users