Interesting People mailing list archives
more on spam flood
From: Dave Farber <dave () farber net>
Date: Mon, 26 Jan 2004 18:50:39 -0500
From: Declan McCullagh <declan () well com> At 06:01 PM 1/26/2004, Dave Farber wrote:I am getting flooded with piles of spam with an attached zip file. Is anyone else
Dave, Yes, it's pretty awful. Here's our coverage: http://news.com.com/2100-7349_3-5147605.html?tag=nefd_top New virus hitting in-boxesBy <mailto:rob.lemos () cnet com?subject=FEEDBACK:New virus hitting in-boxes>Robert Lemos
Staff Writer, CNET News.com<http://news.com.com//2100-7349_3-5147605.html?tag=prntfr>http://news.com.com/2100-7349-5147605.html
Story last modified January 26, 2004, 2:46 PM PSTAntivirus firms on Monday warned of a new mass-mailing computer virus that has gained a foothold in a large number of PCs by masquerading as an e-mail error.
The virus--known as MyDoom, Novarg and as a variant of the Mimail virus by different antivirus firms--arrives in an in-box with one of several different random subject lines such as "Mail Delivery System," "Test" or "Mail Transaction Failed." The body of the e-mail contains an executable file and a statement such as: "The message contains Unicode characters and has been sent as a binary attachment."
1438c852.jpg 1438c852.jpg 1438c852.jpg 1438c852.jpg 1438c852.jpg 1438c852.jpg Get Up to Speed on...<http://news.com.com/2001-7355_3-0.html?tag=gutspro>Enterprise security<http://news.com.com/2001-7355_3-0.html?tag=gutspro>
1438c898.jpg Get the latest headlines and company-specific news in our expanded GUTS section. 1438c852.jpg 1438c852.jpg 1438c852.jpg 1438c852.jpg"It's huge," said <http://news.com.com//2008-7355-5147477.html?tag=nl>Vincent Gullotto, vice president of security software maker Network Associates' antivirus emergency response team. "We have it as a high-risk outbreak."
In one hour, Network Associates itself received 19,500 e-mails bearing the virus from 3,400 unique Internet addresses, Gullotto said. One large telecommunications company had already shut down its e-mail gateway to stop the virus.
Antivirus firms were scrambling Monday afternoon to learn more about the virus, which started spreading around 1 p.m. PST.
"A lot of the information is encrypted, so we have to decrypt it," said Sharon Ruckman, senior director for antivirus software maker Symantec's security response center. Symantec has had about 40 reports of the virus in the first hour, a high rate of submission, Ruckman said.
Antivirus firms are still analyzing the virus. Variations in the body text include, "The message cannot be represented in 7-bit ASCII encoding and has been sent as a binary attachment."
The virus also seems to install another program on the victim's computer, but until the antivirus firms decrypt the program's code, the purpose of the file is unknown.
Mail systems that remove executable files from e-mails can stop the program from spreading
------------------------------------- You are subscribed as interesting-people () lists elistx com To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/
Current thread:
- more on spam flood Dave Farber (Jan 26)
- <Possible follow-ups>
- more on spam flood Dave Farber (Jan 26)