This offers further proof that a bidirectional personal firewall is a must. According to Symantec, "while the worm will stop on February 12, , the backdoor component will continue to function after this date." Symantec offers numerous virus-specific removal tools on its Web site that can help remove and mitigate any resultant damage.
One final note: While e-mail attachments are handy tools for conducting business, keep in mind that e-mail attachments with the file extensions. In the words of British statesman and philosopher Edmund Burke, "Better be despised for too anxious apprehensions, than ruined by too confident security."
The other DDoS attack launches 14 threads against www. The hosts file on infected machines will be modified so that domains belonging to Anti-Virus companies and other commercial sites are resolved to the IP address 0. The file is encrypted within the worm's code and contains the following:
Which will make the site inaccessible. On the 3rd of February the entry will be removed so the attack can be performed, which will probably cause some difficulties reaching it, if the DDoS is successful. The modifications in the hosts file are probably targeted so that customers of the most widespread Anti-Virus products can't download new updates to disinfect the worm.
The email messages sent by the worm have the following characteristics: Subjects can be any of the following: As with older Mydoom variants, Mydoom.B collects addresses from Windows' Address Book and from files with extension: Once an address is chosen from the list of harvested addresses, the worm will send an email to addresses in the same domain but to accounts like:
Summary: This type of worm is embedded in an email attachment, and spreads using the infected computer's emailing networks.
Automatic action: Based on the settings of your F-Secure security product, it will either move the file to the quarantine where it cannot spread or cause harm, or remove it.
Manual Disinfection. Caution: Manual disinfection is a risky process; it is recommended only for advanced users. B, it is necessary to locate the file "hosts" and delete all the lines referring to Anti-Virus vendors and other commercial sites. The lines added by the worm are listed later in this page.
But businesses and e-mail providers were much better prepared for the assault than with previous bugs, limiting MyDoom's damage.
MyDoom virus declared worst ever
The e-mail virus is only a few days old and still growing, but at least one security firm is ready to crown it as the worst in history.
David Becker
The MyDoom e-mail virus is only a few days old and still growing, but at least one security firm is ready to crown it as the worst ever.