| TIP: Click on subject to list as thread! | ANSI |
| echo: | |
|---|---|
| to: | |
| from: | |
| date: | |
| subject: | [drakelist] Virus Alert: MyDoom Worm |
From: "Thom R. Lacosta" Subject: [drakelist] Virus Alert: MyDoom Worm Folks....I am getting HUNDREDS of messages telling me that the drakelist is sending out virus-infected emails...which isn;t correct, since the list doesn't allow attachments. What is happening is that some folks who have the list address in their addressbooks, etc have been infected. The message below explains the virus...hope it helps you. If you're already protected, not immune, etc., forgive the bandwidth...if you need to get rid or the virus, there are links below that will be of assistance. 73 Thom http://www.baltimorehon.com/ Home of the Baltimore Lexicon http://www.tlchost.net/ Web Hosting as low as 3.49/month ---------- Forwarded message ---------- Date: Tue, 27 Jan 2004 17:02:08 -0500 (EST) From: BCPL.NET SysAdmin To: BCPL.NET News Subject: BCPL.NET NEWS: Virus Alert: MyDoom Worm ------------------------ VIRUS ALERT: MYDOOM WORM ------------------------ On January 26th a new worm called "MyDoom" began spreading very rapidly across the Internet via e-mail and via KaZaA file sharing. It is also known by a variety of other names: "Novarg", "Mimail.R", "Shimgapi", "Shimg", and several variations on the word "MyDoom". We have seen a large number of MyDoom-infected e-mails here at BCPL.NET. Most virus information Web sites rate the MyDoom Worm as very dangerous due to the very rapid speed at which it is spreading. The MyDoom Worm infects PCs running Windows 95, Windows 98, Windows 2000, Windows NT, Windows ME, Windows XP, and Windows 2003 Server. It does not infect DOS, Macintosh, UNIX or Windows 3.x computers. How The MyDoom Worm Spreads --------------------------- MyDoom is spread in the form of an e-mail file attachment that installs the worm on the target PC if the attachment is opened. It also spreads via KaZaA peer-to-peer file sharing. Via E-Mail: ---------- When a PC becomes infected, MyDoom compiles a list of target e-mail addresses from addresses found in the address book, in saved e-mail, and in other files on the infected computer. It then mails infected file attachments to all those addresses. It does this each time the infected PC boots up and connects to the Internet. The e-mail carrying the infected file attachment is in the following format: >From Address: Selected by the virus from its list of target addresses, so the message may appear to come from someone you know. There is also evidence that the From address is sometimes constructed from common first names with the target domain name added (for example john{at}bcpl.net, mary{at}bcpl.net, etc). To Address: In addition to addresses found on the infected PC, there is also evidence that the To address is sometimes constructed from common first names with the target domain added (for example john{at}bcpl.net, mary{at}bcpl.net, etc). Subject: Chosen at random from the following list: - error - hello - hi - mail delivery system - mail transaction failed - server report - status - test - [any random collection of characters] The words on the Subject line may or may not be capitalized. Message Text: Chosen at random from the following list: - test - Mail transaction failed. Partial message is available. - The message contains Unicode characters and has been sent as a binary attachment. - The message cannot be represented in 7-bit ASCII encoding and has been sent as a binary attachment. ---* Origin: The Barter Board Internet Gatway (1:261/1551) SEEN-BY: 633/267 270 @PATH: 261/1551 1352 38 123/500 106/2000 633/267 |
|
| SOURCE: echomail via fidonet.ozzmosis.com | |
Email questions or comments to sysop@ipingthereforeiam.com
All parts of this website painstakingly hand-crafted in the U.S.A.!
IPTIA BBS/MUD/Terminal/Game Server List, © 2025 IPTIA Consulting™.