LATEST SECURITY THREATS
30th June 2004 - SYMANTEC.com
W32.Gaobot.AUS
| Discovered on: June 28, 2004 |
| Last Updated on: June 29, 2004 04:43:47 PM |
W32.Gaobot.AUS is a repacked variant of W32.Gaobot.SN . The worm spreads through open network shares and through backdoors that the Mydoom family of worms open. It allows attackers to access an infected computer using a predetermined IRC channel.
|
|
|
|
| Type: |
Worm |
| Infection Length : |
55,296 bytes |
|
|
|
|
|
|
| Systems Affected : |
Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows XP |
| Systems Not Affected : |
DOS, Linux, Macintosh, Novell Netware, OS/2, UNIX, Windows 3.x |
|
|
|
22 April 2004- SYMANTEC.com
The W32.Netsky.Z@mm
| Discovered on: April 21, 2004 |
| Last Updated on: April 22, 2004 09:45:59 AM |
The W32.Netsky.Z@mm worm is a Netsky variant that scans for the email addresses on all non-CD-ROM drives on an infected computer. Then, the worm uses its own SMTP engine to send itself to the email addresses that it finds.
The From line of the email is spoofed, and its Subject, Message, and Attachment vary. The attachment has a .zip extension.
| Also Known As : |
W32/Netsky.z@MM [McAfee] |
|
|
| Type: |
Worm |
| Infection Length : |
22,016 bytes |
|
|
|
|
|
|
| Systems Affected : |
Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP |
| Systems Not Affected : |
Linux, Macintosh, OS/2, UNIX |
08 March 2004 - SYMANTEC.com
W32.Netsky.K@mm
| Discovered on: March 08, 2004 |
| Last Updated on: March 09, 2004 11:11:11 AM |
W32.Netsky.K@mm is a mass-mailing worm that uses its own SMTP engine to send itself to the email addresses it finds when scanning hard drives and mapped drives.
The "sender" of the email is spoofed, and its subject, message body, and attachment vary. The attachment has a .pif extension.
This threat is compressed with tElock.
Notes:
- Symantec Consumer products that support the Worm Blocking functionality automatically detect this threat as it attempts to spread.
- The worm has an MD5 hash value of 0xE26BC65552359A226CE6589E60C22151.
- Symantec Security Response has developed a removal tool to clean the infections of W32.Netsky.K@mm.
07 March 2004 - SYMANTEC.com
W32.Netsky.I@mm
| Discovered on: March 07, 2004 |
| Last Updated on: March 07, 2004 09:38:58 AM |
W32.Netsky.I@mm is a mass-mailing worm that uses its own SMTP engine to send itself to the email addresses it finds when scanning hard drives and mapped drives.
The Subject, Body, and Attachment vary.
|
|
|
|
| Type: |
Worm |
| Infection Length : |
22016 |
|
|
|
|
|
|
| Systems Affected : |
Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP |
| Systems Not Affected : |
DOS, Linux, Macintosh, Microsoft IIS, OS/2, UNIX, Windows 3.x |
17 Febuary 2004 - SYMANTEC.com
W32.Beagle.B@mm
| Discovered on: February 17, 2004 |
| Last Updated on: February 17, 2004 05:12:21 PM |
W32.Beagle.B@mm is a mass-mailing worm that opens a backdoor on TCP port 8866.
Note: Security Response is currently investigating this worm and will post more information as it becomes available.
The email has the following characteristics:
Subject: ID <6 random characters>... thanks
Attachment: <7 random characters>.exe
Notes:
- Beta definitions 27975, dated Feb 17 5:20AM PT, or later will detect this threat.
- Initial builds may detect this treat as W32.Alua@mm or W32.Aula@mm.
| Also Known As : |
W32.Alua@mm, Win32/Bagle.B.Worm [Computer Associates], Bagle.B [F-Secure], W32/Bagle.b@MM [McAfee], W32/Bagle.B@mm [Norman], WORM_BAGLE.B [Trend Mirco], W32/Bagle.B.worm [Panda], W32/Tanx-A [Sophos] |
|
W32.HLLW.Deadhat
- SYMANTEC.com
| Discovered on: February 06, 2004 |
| Last Updated on: February 07, 2004 02:12:23 PM |
W32.HLLW.Deadhat is a worm with backdoor capabilities. It attempts to uninstall the W32.Mydoom.A@mm and W32.Mydoom.B@mm worms, then spreads to other systems that are infected with Mydoom. It also spreads through the Soulseek file-sharing program.
This worm may be found as a file named "sms.exe" in the %System% directory.
Note: %System% is a variable. The worm locates the System folder and copies itself to that location. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
| Also Known As : |
Vesser [F-Secure] |
|
|
| Type: |
Worm |
| Infection Length : |
55kb |
|
|
|
|
|
|
| Systems Affected : |
Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP |
| Systems Not Affected : |
DOS, Linux, Macintosh, OS/2, UNIX, Windows 3.x |
|
|
|
|
|
|
|
LATEST NEWS..
|
|
Major 3D animation of the future for NEC complete
3D animation for NEC completed ahead of schedule
read more...
|
home
3D Visualisations work completed on a major engineering presentations
read more...
|
Now offering presentations support service including consultation, 3D visualisations and DVD presentations
read more...
|
Virtual Tours
Virtual Tour service used by local councils
read more...
|
Green Place launches by summit seven
Summit Seven launches Green Place a totaly green directory
read more...
|
read more...
|
|
PLEASE NOTE: the contents of this page is for your information only, the source of the information is from Symantec.com we do not claim any information relating to latest virus alerts is supplied by Summit Seven, and we do not claim that symantec.com in any way endorses this website. We have posted this information to summary information that can be gained in detail by clicking on any links diectly to Symantec.com. |
