Sponsored Links

New virus Alert

Kits

ULTIMATE Member
It has been posted on other forums warning members of the new threat..

Over the next 36 hours we will start to see the emergence of a new raft of Mydoom variants. Both around 20k in size with multiple subject types, multiple attachment sizes and types.

Mydoom.W and Mydoom.V are emerging at this time in the Philipines and in Australia.

The attachments carried have .doc, .rtf, .zip, .pif, .exe, .txt and .html extensions - plus the likelyhood of others!

The file size varies from 17.5k to 21.6k in size and instead of coming from a garbled sender with a spurious subject message the message uses a new pattern engine. That engine creates a message with combinations of the following christian names and surnames to make it look even more legible.

Christian names: Alex, Alexander, Andrew, Anthony, Barry, Bernard, Bill, Brian, Calvin, Carl, Charles, Christopher, Clifford, Daniel, David, Dennis, Donald, Douglas, Edward, Eric, Francisco, Frank, Gary, George, Gregory, Harold, Henry, James, Jason, Jay, Jeffrey, Jerry, Jim, John, Jon, Jose, Joseph, Joshua, Kenneth, Kevin, Larry, Leon, Leroy, Lloyd, Marcus, Mario, Mark, Matthew, Michael, Micheal, Miguel, Oscar, Patrick, Paul, Peter, Randall, Raymond, Richard, Ricky, Robert, Ronald, Ronnie, Scott, Stephen, Steven, Theodore, Thomas, Timothy, Tom, Tommy, Troy, Walter and William.

Surnames: Adams, Allen, Anderson, Baker, Brown, Campbell, Carter, Clark, Cruz, Davis, Freeman, Garcia, Gomez, Gonzalez, Green, Hall, Harris, Hernandez, Hill, Jackson, Johnson, Jones, King, Lee, Lewis, Lopez, Marshall, Martin, Martinez, Miller, Mitchell, Moore, Murray, Nelson, Ortiz, Parker, Perez, Phillips, Porter, Roberts, Robinson, Rodriguez, Scott, Simpson, Smith, Stevens, Taylor, Thomas, Thompson, Tucker, Turner, Walker, Webb, Wells, White, Williams, Wilson, Wright and Young.

In a further trick on infection it searches for email addresses to send out using it's own SMTP engine that uses EITHER the host SMTP outbound path to your ISP OR if unavailable then hardcoded SMTP servers on port 25 (yet another reason to block). It searches the infected pc for html, word .doc, excel .xls, saved html pages as well as interogating both Yahoo Messenger and MSN Messenger for addresses to propogate to.
__________________

Watch out for this virus and be vigilant everyone...
 
Top
Cheap BIG ISPs for 100Mbps+
Community Fibre UK ISP Logo
150Mbps
Gift: None
Virgin Media UK ISP Logo
Virgin Media £22.99
132Mbps
Gift: None
Vodafone UK ISP Logo
Vodafone £24.00 - 26.00
150Mbps
Gift: None
NOW UK ISP Logo
NOW £24.00
100Mbps
Gift: None
Plusnet UK ISP Logo
Plusnet £25.99
145Mbps
Gift: £50 Reward Card
Large Availability | View All
Cheapest ISPs for 100Mbps+
Gigaclear UK ISP Logo
Gigaclear £17.00
200Mbps
Gift: None
Community Fibre UK ISP Logo
150Mbps
Gift: None
Virgin Media UK ISP Logo
Virgin Media £22.99
132Mbps
Gift: None
Hey! Broadband UK ISP Logo
150Mbps
Gift: None
Youfibre UK ISP Logo
Youfibre £23.99
150Mbps
Gift: None
Large Availability | View All
Sponsored Links
The Top 15 Category Tags
  1. FTTP (6026)
  2. BT (3639)
  3. Politics (2721)
  4. Business (2439)
  5. Openreach (2405)
  6. Building Digital UK (2330)
  7. Mobile Broadband (2146)
  8. FTTC (2083)
  9. Statistics (1901)
  10. 4G (1816)
  11. Virgin Media (1764)
  12. Ofcom Regulation (1582)
  13. Fibre Optic (1467)
  14. Wireless Internet (1462)
  15. 5G (1407)
Sponsored

Copyright © 1999 to Present - ISPreview.co.uk - All Rights Reserved - Terms  ,  Privacy and Cookie Policy  ,  Links  ,  Website Rules