CastleCops, Internet Crime Fighters
Advisories!: variant B of the Mydoom
Worms


- Panda Software reports the appearance
of variant B of the Mydoom worm -
Oxygen3 24h-365d, by Panda Software (http://www.pandasoftware.com)

Madrid, January 28, 2004 - Even though incidents caused by Mydoom.A.worm are
still on the rise, PandaLabs has already detected variant B of this worm:
Mydoom.B.worm.

This new variant is even more dangerous than its predecessor, as it is
designed to prevent several antivirus programs from updating correctly.
This, nevertheless, does not affect Panda Software antivirus solutions.

Like Mydoom.A, the new worm is designed to attack and saturate networks of
any size. To do this, it searches for e-mail addresses in the Outlook Address
Book as well as in computer files with the extensions: .htm, .sht, .php,
.asp, .dbx, .tbb, .adb, .pl, .wab, .txt. Then, the worm uses its own SMTP
engine to send itself by e-mail. Mydoom.B.worm also spreads via KaZaA.

Mydoom.B.worm also modifies the Windows hosts file. By doing this, it
manages to redirect certain Internet addresses - including those of several
antivirus vendors - so that, when users try to access them, the Internet
browser shows an error message indicating that the page could not be found.
In this way, it prevents several antivirus programs from updating properly.
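
A defensive check for the hosts-file tampering described above, as an added example that is not part of Panda Software's advisory: it parses a hosts file and reports every static entry that overrides DNS for a watched domain. The watched domains, the sample file and the function names are constructed placeholders.

```python
import ipaddress

# Constructed watch list: placeholder domains standing in for the update and
# support sites an organisation relies on (not taken from the advisory).
WATCHED = ("av-vendor.example", "updates.os-vendor.example")

def classify(ip_text):
    """Describe where a hosts-file address sends traffic; None if not an IP."""
    try:
        ip = ipaddress.ip_address(ip_text)
    except ValueError:
        return None
    if ip.is_unspecified:
        return "null-routed"
    if ip.is_loopback:
        return "loopback"
    return "redirected"

def is_watched(name, watched=WATCHED):
    """True if name equals a watched domain or is a subdomain of one."""
    name = name.lower().rstrip(".")
    return any(name == d or name.endswith("." + d) for d in watched)

def audit_hosts(text, watched=WATCHED):
    """Return (line_no, hostname, address, verdict) for each static entry
    that overrides DNS for a watched domain."""
    findings = []
    for line_no, raw in enumerate(text.lstrip("\ufeff").splitlines(), 1):
        fields = raw.split("#", 1)[0].split()   # drop comments, tokenise
        if len(fields) < 2:
            continue                            # blank, comment or no hostname
        verdict = classify(fields[0])
        if verdict is None:
            continue                            # first field is not an address
        for name in fields[1:]:                 # one line may carry many aliases
            if is_watched(name, watched):
                findings.append((line_no, name.lower().rstrip("."), fields[0], verdict))
    return findings

# Constructed sample hosts file for the demonstration.
SAMPLE = """\
# Sample hosts file
127.0.0.1       localhost
0.0.0.0         www.av-vendor.example download.AV-Vendor.example.
127.0.0.1       updates.os-vendor.example   # inline comment
192.0.2.10      intranet.corp.example
#0.0.0.0        av-vendor.example
198.51.100.7    notav-vendor.example
"""

if __name__ == "__main__":
    for finding in audit_hosts(SAMPLE):
        print("line %d: %s -> %s (%s)" % finding)
```

On Windows the file to audit is `%SystemRoot%\System32\drivers\etc\hosts`; pass its contents to `audit_hosts` together with your own list of update and vendor domains.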

Unlike Mydoom.A, this new malicious code has been designed to launch DoS
(Denial of Service) attacks against the Microsoft Corporation servers.

Panda Software has already made the updates to its products available to its
clients to ensure their solutions can detect and eliminate Mydoom.B. Even
though Panda Software's products can be automatically updated every day,
those whose software is not configured to update automatically should
update their solutions from http://www.pandasoftware.com/.

Users can also detect this and other malicious code using the free, online
antivirus, Panda ActiveScan, which is available on the company's website at
http://www.pandasoftware.com/.

Finally, the epidemic caused by the Mydoom.A worm shows no signs of
cooling. The number of infected e-mails that are in circulation is
continuously increasing, which means that the possibility of becoming
infected by Mydoom.A is still very high. Mydoom.A.worm has infected seven
times more computers than Bugbear.B, the second virus most frequently
detected by the online antivirus Panda ActiveScan.

Everything seems to indicate that the writer or writers of these two worms
aim at putting as many copies of their creations as possible in circulation.
In this way, on the dates when the denial of service attacks are set to
occur, there will be more possibilities for these to be successful.

More detailed information on Mydoom.A.worm and Mydoom.B.worm is available
from Panda Software's Virus Encyclopedia, at
http://www.pandasoftware.com/virus_info/encyclopedia/.

NOTE: The addresses above may not show up on your screen as single lines.
This would prevent you from using the links to access the web pages. If this
happens, just use the cut and paste options to join the pieces of the
URL.
Posted on Thursday, 29 January 2004 @ 09:15:52 UTC by phoenix22 (1016 reads)