Announcement

Collapse
No announcement yet.

[OT] Got the **** Mydoom virus.......

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    [OT] Got the **** Mydoom virus.......

    So I come into work this morning in a good mood, but by the time I get to my cubicle, all the IT guys are crowded around my computer. Apparently I opened an email containing the "mydoom" virus that is running rampant lately. Well they ran a Stinger program and got rid of it. But its funny because this virus may not necessarily be a bad thing. I think its part of the war going on between Linux and SCO......

    #2
    You know the more I read about this virus, the more I am not feeling like its such a bad thing. SCO is apparently sueing Linux for some rights to Unix. Also I found out that SCO is also sueing Google. So it seems like SCO is sue happy right now.

    Comment


      #3
      What does SCO have to do with the virus?

      Comment


        #4
        This virus is far from a good thing. Not only does it set your computer up to perform a DOS against www.sco.com but it also installs a backdoor and harvests email addresses from your comp.

        Here is the Symantec write-up.

        W32.Novarg.A@mm is a mass-mailing worm that arrives as an attachment with the file extension .bat, .cmd, .exe, .pif, .scr, or .zip.

        When a computer is infected, the worm will set up a backdoor into the system by opening TCP ports 3127 through 3198, which can potentially allow an attacker to connect to the computer and use it as a proxy to gain access to its network resources.

        In addition, the backdoor can download and execute arbitrary files.

        The worm will perform a Denial of Service (DoS) starting on February 1, 2004. It also has a trigger date to stop spreading on February 12, 2004.

        Comment


          #5
          anyone opening a executable attachment from someone they dont know or that has a name you dont recall asking someone to send you you deserve to get a virus...

          Comment


            #6
            How do you know when it will stop spreading?Not accusing you of anything here mate.
            You obviously know how to extract it from the virus i guess.
            And why has it a fixed date for stop spreading?
            If you know.

            Comment


              #7
              I believe that it is designed to cease and desist on that Feb date...

              Comment


                #8
                Originally posted by Tobbe
                How do you know when it will stop spreading?Not accusing you of anything here mate.
                You obviously know how to extract it from the virus i guess.
                And why has it a fixed date for stop spreading?
                If you know.
                Originally posted by Wodin

                Here is the Symantec write-up.

                Comment


                  #9
                  Right :sour: :up:
                  Sorry

                  Sometimes i read,skip some,and post.Stupid.

                  Edit:I´ll change today! :cry:

                  Comment


                    #10
                    Actually, I work for Symantec. Why it may have a stop date is unknown. Lots of viruses lately have them. But even though it says it will stop attacking sco.com on the 12th of Feburary does not mean it will always be like that. Since it opens a back door to execute code on your box, it can update itself and do what ever it likes.

                    Realize also that the sending email address can be spoofed to appear to come from your sys admin. If your sys admin at work asks you to open a file, why wouldn't you? It also might not look like an exe since the extension changes a bit.

                    Comment


                      #11
                      Originally posted by KriLL3
                      anyone opening a executable attachment from someone they dont know or that has a name you dont recall asking someone to send you you deserve to get a virus...
                      But what if it came from a good friend?
                      This virus spofs email addresses!

                      Up to date virus software was able to block this before it was released. Other than a 30 minute email delay while the mail servers filter out 1000's of emails with the virus being sent to people in the company, our company hasnt been hit at all.

                      Comment


                        #12
                        Originally posted by therealvader
                        What does SCO have to do with the virus?
                        DOS www.sco.com


                        http://slashdot.org/articles/04/01/2...&tid=98&tid=99

                        Comment


                          #13
                          Originally posted by KriLL3
                          anyone opening a executable attachment from someone they dont know or that has a name you dont recall asking someone to send you you deserve to get a virus...
                          Originally posted by MechaFubs
                          But what if it came from a good friend?
                          This virus spofs email addresses!
                          I read on MSN that it is arriving as a mail delivery problem notification from popular email providers. Similar to:

                          Mail Subsystem Delivery Notification..............
                          Mail Undeliverable..........
                          etc..........

                          Now opening something from an email like this? Granted you can get an attachment sent back to you, but if you don't recognize it, don't open it! That is a pretty standard rule for e-mail in general due to viruses. And remember W32.Novarg.A@mm is a mass-mailing worm that arrives as an attachment with the file extension .bat, .cmd, .exe, .pif, .scr, or .zip. It's not just an exe. extension or file you need to be looking out for.

                          Comment


                            #14
                            haha virii is like a tax on the stupid

                            Comment


                              #15
                              SCO issues bounty for MyDoom creator

                              Comment

                              Working...
                              X