more on spam flood

[Dave Farber <dave () farber net>]

From: Declan McCullagh <declan () well com>

At 06:01 PM 1/26/2004, Dave Farber wrote:
I am getting flooded with piles of spam with an attached zip file. Is 
anyone else

Dave,
Yes, it's pretty awful. Here's our coverage:

http://news.com.com/2100-7349_3-5147605.html?tag=nefd_top



New virus hitting in-boxes


By <mailto:rob.lemos () cnet com?subject=FEEDBACK:New virus hitting 
in-boxes>Robert Lemos
Staff Writer, CNET News.com
<http://news.com.com//2100-7349_3-5147605.html?tag=prntfr>http://news.com.com/2100-7349-5147605.html 


Story last modified January 26, 2004, 2:46 PM PST

Antivirus firms on Monday warned of a new mass-mailing computer virus that 
has gained a foothold in a large number of PCs by masquerading as an e-mail 
error.

The virus--known as MyDoom, Novarg and as a variant of the Mimail virus by 
different antivirus firms--arrives in an in-box with one of several 
different random subject lines such as "Mail Delivery System," "Test" or 
"Mail Transaction Failed." The body of the e-mail contains an executable 
file and a statement such as: "The message contains Unicode characters and 
has been sent as a binary attachment."

1438c852.jpg

1438c852.jpg

1438c852.jpg

1438c852.jpg

1438c852.jpg

1438c852.jpg

Get Up to Speed on...
<http://news.com.com/2001-7355_3-0.html?tag=gutspro>Enterprise 
security<http://news.com.com/2001-7355_3-0.html?tag=gutspro>
1438c898.jpg

Get the latest headlines and
company-specific news in our
expanded GUTS section.
1438c852.jpg

1438c852.jpg

1438c852.jpg

1438c852.jpg

"It's huge," said 
<http://news.com.com//2008-7355-5147477.html?tag=nl>Vincent Gullotto, vice 
president of security software maker Network Associates' antivirus 
emergency response team. "We have it as a high-risk outbreak."


In one hour, Network Associates itself received 19,500 e-mails bearing the 
virus from 3,400 unique Internet addresses, Gullotto said. One large 
telecommunications company had already shut down its e-mail gateway to stop 
the virus.

Antivirus firms were scrambling Monday afternoon to learn more about the 
virus, which started spreading around 1 p.m. PST.

"A lot of the information is encrypted, so we have to decrypt it," said 
Sharon Ruckman, senior director for antivirus software maker Symantec's 
security response center. Symantec has had about 40 reports of the virus in 
the first hour, a high rate of submission, Ruckman said.

Antivirus firms are still analyzing the virus. Variations in the body text 
include, "The message cannot be represented in 7-bit ASCII encoding and has 
been sent as a binary attachment."

The virus also seems to install another program on the victim's computer, 
but until the antivirus firms decrypt the program's code, the purpose of 
the file is unknown.

Mail systems that remove executable files from e-mails can stop the program 
from spreading

-------------------------------------
You are subscribed as interesting-people () lists elistx com
To manage your subscription, go to
 http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/