Mydoom/Novarg is Fastest Spreading Worm EverThe fastest spreading worm ever packs a punch, and some new twists. The worm, known as MyDoom.B or W32.Novarg.A@mm, is a mass e-mail worm that is spread via attachments and the Kazaa network. It can arrive in various file types, such as .exe, .cmd, .bat, .pif, .scr or .zip files.The worm has been called "the worst e-mail worm incident in virus history," by F-Secure, a Finish network security company. It has been estimated by Message Labs that 1 in 12 e-mail messages carried on the Internet is generated by the worm. "This is the most aggressive [worm] that we have seen to date," said Mark Sunner, chief technology officer for MessageLabs.
Multiple PunchesOnce activated, the worm:
What to Look ForThe worm sends itself as an attachment to e-mail. Its subject line consists of: "test," "hi," "hello," "Mail Delivery System," "Mail Transaction Failed," "Server Report," "Status," or "Error." The attachment will be named either "document," "readme," "doc," "text," "file," "data," "test," "message," or "body". Don't touch an e-mail with any of these characteristics. Once installed it will search the computer's local and network disks to find any file likely to contain any e-mail addresses. It then uses those e-mail addresses as targets for its randomly generated, virus-infected e-mails. Not to leave the much-maligned file sharing users alone, the worm also copies itself to the default Kazaa file sharing directory. It masquerades itself as a half dozen different popular downloads.
What to Do
See Also
|
For information on reproducting articles on this site, visit http://www.esecurityguy.com/reproduction