| |
M1CUK > INFO 26.10.02 13:50l 71 Lines 2594 Bytes #999 (0) @ WW
BID : 1C2316M1CUK
Read: DB0FHN GUEST
Subj: virus update
Path: DB0FHN<DB0ZWI<DB0HDF<DB0ERF<DB0FBB<DB0GOS<DB0ACC<ON0RAT<ON0DXC<WA7V<
W7NTF<WB0TAX<GB7FCR
Sent: 021019/1757Z @:GB7FCR.#16.GBR.EU #:23105 [Blackpool] FBB-7.03a $:1C2316M1
From: M1CUK@GB7FCR.#16.GBR.EU
To : INFO@WW
UNIX Backdoor - UNIX_ALUTAPS.A
-------------------------------
UNIX_ALUTAPS.A is a Trojanized version of Sendmail 8.12.6 that compromises
security on affected UNIX systems.
This backdoor malware compromises security on affected systems. It is
contained in the hacker-modified file, /libsm/t-shm.c, of the Sendmail
8.12.6 package. Once a user builds the package and runs the Sendmail
program, this malware is extracted from the Trojanized file.
It connects to an IP address via TCP port 6667 and then waits for
instructions from its remote user. It allows the user to open a remote
shell that runs in the context of the affected system. It grants the
remote user the same access rights as the regular user of the compromised
system.
If you would like to scan your computer for UNIX_ALUTAPS.A or thousands of
other worms, viruses, Trojans and malicious code, visit HouseCall, Trend
Micro's free online virus scanner at: http://housecall.trendmicro.com/
------------------------------------------------------------------------
Gone in 60 Seconds - WORM_RODOK.A
----------------------------------
WORM_RODOK.A, which prompted a Medium Risk virus alert last week, has
quickly run its course. Asia was hardest hit with this worm, specifically
Korea and Taiwan.
WORM_RODOK.A is a memory-resident worm that propagates via Microsoft
Messenger (MSN). It opens MSN Messenger and immediately sends out a
message to all active or online contacts in the infected user's MSN
contact list. The message asks recipients to click on a particular URL.
Recipients of the message are not automatically infected with this worm.
Infection occurs when the recipient clicks the URL, which downloads the
worm and executes it on the system.
-------------------------------------------------------------------------
10 Most Prevalent In-the-Wild Malware
(week of: October 7, 2002 to October 13, 2002)
------------------------------------------------------------------------
1. WORM_KLEZ.H
2. WORM_BUGBEAR.A
3. JS_EXCEPTION.GEN
4. JS_TRAFFICHBAR.A
5. WORM_OPASOFT.A
6. JS_NOCLOSE.E
7. REG_STARTPAGE.A
8. TROJ_SUA.A
9. JS_NOCLOSE.A
10. HTML_IFRMEXP.GEN
------------------------------------------------------------------------
73's
Trev, m1cuk@gb7fcr.#16.gbr.eu
SysOp gb7fcr
ax25 - tcp/ip - telnet - axip - RF & Internet Linked System's
Located in Blackpool, Lancashire, On the North West Coast of the UK
Message timed: 18:57 on 19 Oct 02
Message sent using WinPack-Telnet V6.80
WebSite http://gb7fcr.co.uk
E-Mail trev@gb7fcr.co.uk
Read previous mail | Read next mail
| |