6 Heads Up **Zoher,NakedWife,MyBabyPic,Gnutella worm,Vierika,DlDer**
i have 6 heads up to notify everyone:
ALIAS: Scherzo, Sheer, I-Worm.Zoher
This worm sends itself to everyone in the Windows Address book. It uses the default system SMTP mail server (found from Windows registry).
The worm exploits i-frame vulnerability and because of that on some systems the worm is able to self-launch itself when an infected e-mail is viewed (for example, with Outlook and IE 5.0 or 5.01). To do this the worm uses a known vulnerability in IE that allows execution of an email attachment.
technical Details and other Stuff Here : http://www.f-secure.com/v-descs/sheer.shtml
ALIAS: I-Worm.Naked, W32/naked@MM,
ALIAS: W32.HLLW.JibJab@MM TROJ_NakedWife
ALIAS: Naked Wife
NakedWife is an e-mail worm that spreads as an attachment called NakedWife.exe. The worm uses MS Outlook Address Book to find e-mail addresses and sends itself to these addresses with the help of MS Outlook application. The worm is a PE executable about 74 kb long written in Visual Basic.
it opens MS Outlook Address Book and sends itself to all addresses found there. The infected message has the worm's executable as NakedWife.exe attached.
technical Details and other Stuff Here : http://www.f-secure.com/v-descs/nakedwif.shtml
ALIAS: IWorm_Myba, I-Worm.Myba
Myba is the Internet worm spreading with emails by sending infected messages from affected computers. While spreading the worm uses MS Outlook and sends itself to all addresses that are stored in MS Outlook Address Book.
The worm itself is Win32 application written in VisualBasic. The worm code seems to be based on I-Worm.LoveLetter VBS worm (the worm routines and their names look very similar to "Loveletter" ones), and its seems that this worm was created by adapting "Loveletter" VBS source to VisualBasic language.
When run (if a user clicks on attached infected file) the worm sends its copies by email, installs itself into the system and performs destructive actions.
technical Details and other Stuff Here : http://www.f-secure.com/v-descs/myba.shtml
ALIAS: GnutellaMandragore, Gnutella worm
GnutellaMandragore is a worm which spreads through the Gnutella peer-to-peer file sharing system (which is somewhat similar to Napster). If you're not using Gnutella, you're not at risk. Popular programs to access Gnutella include ToadNode and BearShare.
When a PC gets infected, the worm will connect to the Gnutella network as one node. After that it will monitor what kind of files other people are searching for, and will answer those queries.
First infected files in the Gnutella network were spotted on Friday the 23rd of February, 2001.
technical Details and other Stuff Here : http://www.f-secure.com/v-descs/mandra.shtml
VBS/Vierika is a mass mailer (worm) written in Visual Basic Script.
This worm consists of two different script parts, one that arrives in an Outlook message as an attachment and another that is available on a web site.
This worm arrives in a message that has the following content:
Subject: Vierika is here
This variant arrives in a message that have the same content with VBS/Vierika.A@mm. However, the worm is modified slightly and it uses a web page located at Geocities server. The web page is modified as well:
now you are free
MATRIX IS CONTROL
technical Details and other Stuff Here : http://www.f-secure.com/v-descs/vierika.shtml
mean while SOPHOS has released a timeline and l;atest news for Sobig.F
ALIAS: Trojan.Win32.DlDer, Troj_DlDer
The DlDer spyware-trojan was installed with LimeWire, Kazaa, Grokster and some other software packages that are mainly used for user-to-user file exchange purposes (now most of these packages are distributed without DlDer trojan components). The trojan was installed even if a user selected not to install any additional (spyware) components from those packages during setup phase or was just hiddenly dropped to a user's system.
technical Details and other Stuff Here : http://www.f-secure.com/v-descs/dlder.shtml
check here : http://www.sophos.com/virusinfo/arti...gtimeline.html