Full Disclosure mailing list archives

Re: [Fwd: [TH-research] Dumaru.J/Y Worm - Possible Outbreak]


From: Gadi Evron <ge () egotistical reprehensible net>
Date: Sun, 25 Jan 2004 13:21:21 -0800

Why are you suggesting that this is a possible "outbreak", and what exactly do you mean by that?

Because it is an outbreak, it just isn't clear yet how serious it is and since I learned in the army to learn from my mistakes and to be as accurate as I can, verifying what I write from different sources, I do not wish to "jump the gun".

Dumaru has been around for a while now, but I'm not aware of it being any particular problem for corporations, and it 
doesn't really seem to have a payload other than self mailing in environments where a self contained smtp engine can mail 
out over port 25.

It's a new one.

Also, why we have a significant problem with nomenclature AV wise in general, these days I have a problem with calling a 
mass mailer a worm.  Why don't you just call it. Mass mailer?


I try and limit the "terms" I use to the very few and basic. Different malware can be called quite a few things, with characteristics of some other thingies yet again. But you have a good point there.

If anyone has curiosity about mass mailer prevalence, www.messagelabs.com/viruseye is a good place to look.

Danke. :)


Best

Gaby

        Gadi
--
      Gadi Evron,
      ge () linuxbox org.

The Trojan Horses Research mailing list - http://ecompute.org/th-list

My resume (Hebrew) - http://www.math.org.il/resume.rtf

PGP key for ge () linuxbox org -
http://vapid.reprehensible.net/~ge/Gadi_Evron.asc
Note: this key is used mainly for files and attachments, I sign email messages using:
http://vapid.reprehensible.net/~ge/Gadi_Evron_sign.asc

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

