Anti Virus software on the mail server this morning started picking up MyDoom.a and MyDoom.b. Anyone else being hit my this. Looking at the details of this virus, I hope everyone is updating their anti virus software (if it is not too late). Apparently it also changes the host file on the computer to set all anti virus software websites to 0.0.0.0. So, If you have not yet updated your software, dont think you will be able to, unless you reset your host file.
As of this morning it does not look as if the Telkom Mail Server was picking it up.
MyDoom.a performs a DOS attack on sco.com.
MyDoom.b performs a DOS attack on microsoft.com
Both come across via email and KaZaa (so all P2P user be careful)
<b>Email</b>
Worm spreads by sending itself to e-mail addresses that are taken from files with WAB, PL, ADB, TBB, DBX, ASP, STL, HTM, TXT and PHP extension.
Emails come with the following headings:
<i>Subject:</i>
Is generated from the following words:
Error
Status
Server Report
Mail Transaction Failed
Mail Delivery System
hello
hi
<i>Body:</i>
Is generated from the following text variants:
Mail transaction failed. Partial message is available.
The message contains Unicode characters and has been sent as a binary attachment.
The message cannot be represented in 7-bit ASCII encoding and has been sent as a binary attachment.
<i>Attachment name:</i>
Is generated from the following words:
body
message
test
data
file
text
doc
readme
document
<i>Attachment extension could be:</i>
bat
cmd
exe
scr
pif
<b>Kazaa</b>
Worm copies itself into KaZaA directory with following names:
nuke2004
office_crack
rootkitXP
strip-girl-2.0bdcom_patches
activation_crack
icq2004-final
winamp5
As many of the ADSL users use KaZaa it would be advisable to check you Shared Folders.
MyDoom.b contains variants of the above.
MAKE SURE YOU UPDATE YOUR ANTI VIRUS SOFTWARE
I Use AVG home edition which is free, and I've found it to be really good.
As of this morning it does not look as if the Telkom Mail Server was picking it up.
MyDoom.a performs a DOS attack on sco.com.
MyDoom.b performs a DOS attack on microsoft.com
Both come across via email and KaZaa (so all P2P user be careful)
<b>Email</b>
Worm spreads by sending itself to e-mail addresses that are taken from files with WAB, PL, ADB, TBB, DBX, ASP, STL, HTM, TXT and PHP extension.
Emails come with the following headings:
<i>Subject:</i>
Is generated from the following words:
Error
Status
Server Report
Mail Transaction Failed
Mail Delivery System
hello
hi
<i>Body:</i>
Is generated from the following text variants:
Mail transaction failed. Partial message is available.
The message contains Unicode characters and has been sent as a binary attachment.
The message cannot be represented in 7-bit ASCII encoding and has been sent as a binary attachment.
<i>Attachment name:</i>
Is generated from the following words:
body
message
test
data
file
text
doc
readme
document
<i>Attachment extension could be:</i>
bat
cmd
exe
scr
pif
<b>Kazaa</b>
Worm copies itself into KaZaA directory with following names:
nuke2004
office_crack
rootkitXP
strip-girl-2.0bdcom_patches
activation_crack
icq2004-final
winamp5
As many of the ADSL users use KaZaa it would be advisable to check you Shared Folders.
MyDoom.b contains variants of the above.
MAKE SURE YOU UPDATE YOUR ANTI VIRUS SOFTWARE
I Use AVG home edition which is free, and I've found it to be really good.