*

Recent Posts

Welcome, Guest. Please login or register.
November 14, 2024, 11:54:35 PM

Login with username, password and session length

Members
  • Total Members: 61
  • Latest: AciDeX
Stats
  • Total Posts: 28505
  • Total Topics: 1915
  • Online Today: 315
  • Online Ever: 569
  • (August 02, 2024, 06:20:39 AM)
Users Online
Users: 0
Guests: 39
Total: 39

Permissions

Author Topic: W32/Netsky.b@MM  (Read 2287 times)

0 Members and 2 Guests are viewing this topic.

Offline ZWarrior

  • Administrator
  • Hero Member
  • *****
  • Posts: 7798
  • Karma: 8
  • Shhh! Be wery wery qwiet...
    • View Profile
    • Ambush!
W32/Netsky.b@MM
« on: February 19, 2004, 12:30:41 PM »
(((((((((((((((((((( McAfee Dispatch )))))))))))))))))))))))

[This message is brought to you as a subscriber to the McAfee Dispatch. To unsubscribe, please follow the instructions at the bottom of this email.]

------------------------------------------------------------
            ** VIRUS ADVISORY - W32/Netsky.b@MM **
------------------------------------------------------------

Dear W. Andy,

W32/Netsky.b@MM is a Medium Risk mass-mailing worm that copies itself to folders named "share" or "sharing" on the infected system. It spreads itself to addresses it steals, spoofing or forging the "from: field" or using the address skynet@skynet.de. The worm also tries to deactivate the W32/Mydoom.a@MM and W32/Mydoom.b@MM viruses on the host computer.

Caution: An infected email can come from addresses you recognize.
------------------------------------------------------------
***What to look for***

Subject-Body: Varies. Examples include:

-I have your password!
-about me
-anything ok?
-do you?
-from the chatter

Attachment: Varies but may have a double-extension such as .rtf.pif contained in a .ZIP file.

Aliases: Moodown.B, I-Worm.Moodown.b
------------------------------------------------------------

Up-to-date McAfee VirusScan users with DAT 4325 are protected from this threat.

Learn More about W32/Netsky.b@MM
==> http://us.mcafee.com/root/campaign.asp?cid=9647

Scan for W32/Netsky.b@MM:
==> http://us.mcafee.com/root/campaign.asp?cid=9648
--------------------------------
Zoë: Shepard, isn't the Bible kind of specific about killing?
Book: Very specific. It is, however, somewhat fuzzy around the area of kneecaps.

Offline ZWarrior

  • Administrator
  • Hero Member
  • *****
  • Posts: 7798
  • Karma: 8
  • Shhh! Be wery wery qwiet...
    • View Profile
    • Ambush!
W32/Netsky.b@MM
« Reply #1 on: February 26, 2004, 04:22:50 PM »
New variant:



------------------------------------------------------------
            ** VIRUS ADVISORY - W32/Netsky.c@MM **
------------------------------------------------------------

A new variant of last week's Netsky virus, W32/Netsky.c@MM is a Medium Risk mass-mailing worm that also copies itself to folders named "share" or "sharing" on an infected system.
It spreads by stealing email addresses, spoofing or forging the "from: field". Like its earlier counterpart, the worm tries to deactivate the W32/Mydoom.a@MM and W32/Mydoom.b@MM viruses on the host computer.

Upon infection, W32/Netskyk.c@MM will also spread via P2P programs like KaZaa, Bearshare and Limewire that use shared folder names containing the words "share" or "sharing".

Note: The attachment may be either a ZIP file (with the
worm) or an executable, with a single (.doc, .htm, .rtm,
.text) or double file extension (.com, .exe, .pif, .scr).
Filenames that are carried within the worm include:

3D Studio Max 3dsmax.exe
Adobe Photoshop 9 full.exe
Adobe Premiere 9.exe
Ahead Nero 7.exe
Best Matrix Screensaver.scr

Caution: An infected email can come from someone you know.

What to look for:

Subject/Body: Varies. Examples include:

-Your provider will be disabled!
-tell me more about your document!
-explain!
-do not visit the pages on the list I sent!
-do not open the attachment!

Attachment: Varies. Examples include:

-454543403
-aboutyou
-associal
-attach2
-auction
-transfer

------------------------------------------------------------

NOTE: Up-to-date McAfee VirusScan users with dat 4328 are protected from this threat.

Learn More about W32/Netsky.c@MM
==> http://us.mcafee.com/root/campaign.asp?cid=9690

Scan for W32/Netsky.c@MM:
==> http://us.mcafee.com/root/campaign.asp?cid=9691

____________________________________________________________
--------------------------------
Zoë: Shepard, isn't the Bible kind of specific about killing?
Book: Very specific. It is, however, somewhat fuzzy around the area of kneecaps.

Offline snauzberries

  • Hero Member
  • *****
  • Posts: 1871
  • Karma: 4
  • Bless me I snauzed!
    • View Profile
W32/Netsky.b@MM
« Reply #2 on: February 26, 2004, 08:45:14 PM »
YAY ANOTHER TOY!


hmmmmm hey jolly want a worm?