[IP] New version of Mydoom on the loose
Delivered-To: dfarber+@xxxxxxxxxxxxxxxxxx
Date: Wed, 28 Jan 2004 15:24:08 -0500
From: mike m <mmartin@xxxxxxxxxxx>
Subject: New version of Mydoom on the loose
To: Dave Farber <dave@xxxxxxxxxx>
Hello Dave,
ComputerWorld
http://tinyurl.com/2o4oe
New version of Mydoom on the loose
This variant targets Microsoft, blocks access to antivirus sites
Story by Linda Rosencrance
JANUARY 28, 2004 ( COMPUTERWORLD )
A new variant of the Mydoom virus has just emerged, several security
companies are reporting this afternoon.
Mydoom.b variant has a larger payload and targets Microsoft's Web site
for a distributed denial-of-service attack on Feb. 1, instead of The
SCO Group Inc., according to London-based security vendor Mi2g Ltd.
"This new variant of Mydoom is worse than Mydoom.A," Ken Dunham,
director of malicious code at iDefense Inc. in Reston, Va., said in a
statement. "It modifies the hosts file to block access to antivirus
Web sites and is configured differently from Mydoom.A." It also opens
up a different Transmission Control Protocol port.
Mi2G said there are some minor changes to the text padding as well.
It's possible Mydoom.b is being disseminated via infected computers
turned into "zombies" by Mydoom.a, as well as via the file-sharing
system Kazaa, the company said.
"This could turn the whole Mydoom episode into a much more adverse
series of unfortunate events," the company said.
--
-= mike =-
mailto:mmartin@xxxxxxxxxxx
-------------------------------------
You are subscribed as roessler@xxxxxxxxxxxxxxxxxx
To manage your subscription, go to
http://v2.listbox.com/member/?listname=ip
Archives at: http://www.interesting-people.org/archives/interesting-people/