Full Disclosure mailing list archives
Re: MyDoom download info
From: Ron DuFresne <dufresne () winternet com>
Date: Fri, 13 Feb 2004 11:11:23 -0600 (CST)
February 12, The Register (UK) - Nachi variant wipes MyDoom from PCs. A new variant of the Nachi worm which attempts to cleanse computers infected by MyDoom and download Microsoft security patches to unprotected computers arrived on the Internet Thursday, February 12. Nachi.B (also called Welchi) uses the same security vulnerability exploited by the Blaster worm to spread. Once it infects target machines the worm attempts to search and destroy any traces of MyDoom infection -- before downloading patches for the Microsoft vulnerability it used to infect the system in the first place. The scanning traffic generated by the original Nachi worm in August 2003 caused huge problems. Anti-virus vendors fear a repeat performance this time around. This concern is compounded by the plethora of new viruses released in recent days. As well as the Doomjuice worms (which target Microsoft's Website in DDoS attacks), we have MyDoom and variants and now a Nachi variant. Thursday also saw the arrival of a Trojan, called Mitglieder.H, with the ability to spread to computers infected with the MyDoom.A worm. Source: http://www.theregister.co.uk/content/56/35524.html Thanks, Ron DuFresne On Fri, 6 Feb 2004, B$H wrote:
Hi all! I've heard about a tool what disinfect the mydoomed system remotely.. do you know about it anything? B$ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ "Cutting the space budget really restores my faith in humanity. It eliminates dreams, goals, and ideals and lets us get straight to the business of hate, debauchery, and self-annihilation." -- Johnny Hart ***testing, only testing, and damn good at it too!*** OK, so you're a Ph.D. Just don't touch anything. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: MyDoom download info Nico Golde (Jan 31)
- <Possible follow-ups>
- Re: MyDoom download info Valdis . Kletnieks (Jan 31)
- Re: MyDoom download info Nick FitzGerald (Jan 31)
- Re[2]: MyDoom download info Thierry (Jan 31)
- Re[2]: MyDoom download info J.A. Terranson (Jan 31)
- Re: MyDoom download info B$H (Feb 13)
- Re: MyDoom download info Ron DuFresne (Feb 13)
- Re[2]: MyDoom download info Thierry (Jan 31)
- Re: MyDoom download info Roland Dobbins (Jan 31)
- RE: MyDoom download info Steve Wray (Feb 02)