RE: Phatbox: Media Hype? Scare Tactics?

["Schmehl, Paul L" <pauls () utdallas edu>]

> -----Original Message-----
> From: Dante Mercurio [mailto:Dante () webcti com] 
> Sent: Wednesday, March 17, 2004 11:09 AM
> To: incidents () securityfocus com
> Subject: Phatbox: Media Hype? Scare Tactics?
>
>
> http://isc.incidents.org/diary.html?date=2004-03-11
>
> Reports about 5000 infections on the 11th.
>
> http://story.news.yahoo.com/news?tmpl=story&cid=1804&ncid=1804
&e=3&u=/wa
shpost/20040317/tc_washpost/a444_2004mar17

Claims hundreds of thousands of systems are infected.

Is this hype or is this really spreading? Smells like hype to me because
SARC reports nothing described as Phatbox and turns up nothing in the
Symantec virus/backdoor database.

*********************

It's not hype.  This is one of the Mydoom/Beagle/Netsky variants (I just
don't recall which variant or which of the three worms it is off the top
of my head).  Since these vx groups "own" thousands of boxes, each time
they seed a new virus, they infect thousands of machines.  Even if it
isn't spreading, it's still in a lot of boxes.

Paul Schmehl (pauls () utdallas edu)
Adjunct Information Security Officer
The University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu/~pauls/ 

---------------------------------------------------------------------------
Free 30-day trial: firewall with virus/spam protection, URL filtering, VPN,
wireless security

Protect your network against hackers, viruses, spam and other risks with Astaro
Security Linux, the comprehensive security solution that combines six
applications in one software solution for ease of use and lower total cost of
ownership.

Download your free trial at
http://www.securityfocus.com/sponsor/Astaro_incidents_040301
----------------------------------------------------------------------------