Security Incidents mailing list archives

New variant of Virus ? --> issue identified.


From: "Hubbard, Dan" <dhubbard () websense com>
Date: Wed, 28 Jan 2004 08:35:49 -0800

Sophos now has a signature for this. It's a keylogging trojan that sends
banking information when well-known bank sites are accessed and sends the
keystrokes via email. I have not been able to dissect the details yet
but will post them when I do.

http://www.sophos.com/virusinfo/analyses/trojstawina.html


It looks like there may be a new variant of the virus MyDoom worm. We
have seen the following:

RE: I still love you  fLctv 

Error 551: We are sorry your UTF-8 encoding is not supported by the
server, so the text was automatically zipped and attached to this
message.

The file attached is message.zip and unzips to message.exe.

I am analyzing the file for behavior and will update, but has anyone
else seen this yet?

The latest Nassoc DAT does not cover this.



