PDA

Click to See Complete Forum and Search --> : Heads UP**W32.Naco.B

Und3ertak3r
May 27th, 2003, 09:33 AM
hi guys the following info for W32.Naco.B is from Symantec (http://securityresponse.symantec.com/avcenter/venc/data/w32.naco.b@mm.html)

Wild: Low
Damage: Medium
Distribution: High

Info also at Panda (http://www.pandasoftware.com/virus_info/encyclopedia/overview.aspx?idvirus=39708&sind=0) listed as a low threat
Currently McAfee (http://vil.mcafee.com/dispVirus.asp?virus_k=100308) only list Naco.a May-19


W32.Naco.B@mm is a mass-mailing worm that attempts to spread itself through email and file-sharing network.

The worm also contains backdoor functionality and attempts to replace HTML files on Microsoft IIS server.

This threat is written in Microsoft Visual Basic(VB) programming language. The VB runtime libraries are required to execute W32.Naco.B@mm.

NOTE: Due to the bugs in the code, W32.Naco.B@mm may not work properly.




Type: Worm
Infection Length: 86,016 bytes
Systems Affected: Windows 95, Windows 98, Windows NT, Windows 2000, Windows XP, Windows Me, Microsoft IIS
Systems Not Affected: Windows 3.x, Macintosh, OS/2, UNIX, Linux

Personal assesment is low chance of seeing it, and only in some regions.. I expect to see more of my friends Klez and Yaha before I see this one.. But don't take this as a reason to be slack whith your virii protection..

Cheers
Und3ertak3r
May 28th, 2003, 01:21 PM
Not Symantec have upgraded the damage assement to High for this worm.. wild status is still low..

Also check you fav AV company for more details..
Also Known As: W32/Naco.b@MM [McAfee], Win32.Naco.B [CA], WORM_NACO.B [Trend], W32/Anacon-B [Sophos], I-Worm.Nocana.b [KAV]


Cheers
Und3ertak3r
June 3rd, 2003, 02:55 PM
Ok guys there is a new version..

Check your fav AV company.. this info is from Symantec (http://securityresponse.symantec.com/avcenter/venc/data/w32.naco.c@mm.html)

W32.Naco.C@mm is a mass-mailing worm that attempts to spread itself through the email and file-sharing networks. The worm also contains Backdoor functionality and attempts to replace HTML files on the Microsoft IIS server.

The email messages will have the following characteristics:
Subject: (One of the following)

Out of my heart?
Nelly Furtado!
New! Dragon Ball Fx
TIPs: HOW TO DEFACE A WEBSERVER?
What New in The ScreenSaver!
FoxNews Reporter: There are no Solution for SARS?
Get Your Free XXX Password!
Gotcha baby!
Crack for Nokia LogoManager 1.3
Help me plz?
TechTV: New Anti Virus Software
News: US Goverment try to make wars with Tehran.
Re: are you married?(3)
Seagate Baracuda 80GB for $???
Small And Destrucive!
Alert! New Variant Anacon.D has been detected!
Free SMS Via NACO SMS!
Patch for Microsoft Windows XP 64bit
Your FTP Password: iuahdf7d8hf
Get Free SMTP Server at Click Here!

Attachment: ANACON32.EXE



Also Known As: W32/Naco.d@MM [McAfee]
Type: Worm
Infection Length: 32,768 bytes
Systems Affected: Windows 95, Windows 98, Windows NT, Windows 2000, Windows XP, Windows Me
Systems Not Affected: Macintosh, OS/2, UNIX, Linux



Cheers
Und3ertak3r
June 12th, 2003, 02:42 PM
As soon as I say that .. and there is a version D.. wheeeeeeeee

Info here (http://securityresponse.symantec.com/avcenter/venc/data/w32.naco.d@mm.html)

Cheers