[IP] more on spam flood

To: ip@xxxxxxxxxxxxxx
Subject: [IP] more on spam flood
From: Dave Farber <dave@xxxxxxxxxx>
Date: Mon, 26 Jan 2004 18:50:39 -0500
List-help: <http://v2.listbox.com/doc/help_sub?list_name=ip@v2.listbox.com>
List-id: <ip@xxxxxxxxxxxxxx>
List-software: listbox.com v2.0
List-subscribe: <mailto:subscribe-ip@v2.listbox.com>, <http://v2.listbox.com/subscribe/?listname=ip@v2.listbox.com>
List-unsubscribe: <mailto:unsubscribe-ip@v2.listbox.com>, <http://v2.listbox.com/member/unsubscribe/?listname=ip@v2.listbox.com>
Reply-to: dave@xxxxxxxxxx
Sender: owner-ip@xxxxxxxxxxxxxx


From: Declan McCullagh <declan@xxxxxxxx>

At 06:01 PM 1/26/2004, Dave Farber wrote:

I am getting flooded with piles of spam with an attached zip file. Isanyone else


Dave,
Yes, it's pretty awful. Here's our coverage:

http://news.com.com/2100-7349_3-5147605.html?tag=nefd_top



New virus hitting in-boxes

By <mailto:rob.lemos@xxxxxxxx?subject=FEEDBACK:New virus hittingin-boxes>Robert Lemos

Staff Writer, CNET News.com

<http://news.com.com//2100-7349_3-5147605.html?tag=prntfr>http://news.com.com/2100-7349-5147605.html


Story last modified January 26, 2004, 2:46 PM PST

Antivirus firms on Monday warned of a new mass-mailing computer virus thathas gained a foothold in a large number of PCs by masquerading as an e-mailerror.

The virus--known as MyDoom, Novarg and as a variant of the Mimail virus bydifferent antivirus firms--arrives in an in-box with one of severaldifferent random subject lines such as "Mail Delivery System," "Test" or"Mail Transaction Failed." The body of the e-mail contains an executablefile and a statement such as: "The message contains Unicode characters andhas been sent as a binary attachment."


1438c852.jpg

1438c852.jpg

1438c852.jpg

1438c852.jpg

1438c852.jpg

1438c852.jpg

Get Up to Speed on...

<http://news.com.com/2001-7355_3-0.html?tag=gutspro>Enterprisesecurity<http://news.com.com/2001-7355_3-0.html?tag=gutspro>

1438c898.jpg

Get the latest headlines and
company-specific news in our
expanded GUTS section.
1438c852.jpg

1438c852.jpg

1438c852.jpg

1438c852.jpg

"It's huge," said<http://news.com.com//2008-7355-5147477.html?tag=nl>Vincent Gullotto, vicepresident of security software maker Network Associates' antivirusemergency response team. "We have it as a high-risk outbreak."

In one hour, Network Associates itself received 19,500 e-mails bearing thevirus from 3,400 unique Internet addresses, Gullotto said. One largetelecommunications company had already shut down its e-mail gateway to stopthe virus.

Antivirus firms were scrambling Monday afternoon to learn more about thevirus, which started spreading around 1 p.m. PST.

"A lot of the information is encrypted, so we have to decrypt it," saidSharon Ruckman, senior director for antivirus software maker Symantec'ssecurity response center. Symantec has had about 40 reports of the virus inthe first hour, a high rate of submission, Ruckman said.

Antivirus firms are still analyzing the virus. Variations in the body textinclude, "The message cannot be represented in 7-bit ASCII encoding and hasbeen sent as a binary attachment."

The virus also seems to install another program on the victim's computer,but until the antivirus firms decrypt the program's code, the purpose ofthe file is unknown.

Mail systems that remove executable files from e-mails can stop the programfrom spreading


-------------------------------------
You are subscribed as roessler@xxxxxxxxxxxxxxxxxx
To manage your subscription, go to
 http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/

Prev by Date: [IP] more on spam flood
Next by Date: [IP] Musicians Looking To Let Internet Replace Record Cos
Previous by thread: [IP] more on spam flood
Next by thread: [IP] Musicians Looking To Let Internet Replace Record Cos
Index(es):
- Date
- Thread