April 2 Alerts...some old and some new

[zigar]

W32.MyLife.C@mm
Discovered on: March 31, 2002

Due to an increased rate of submissions, Symantec Security Response has upgraded the threat rating of W32.MyLife.C@mm from Category 2 to Category 3 as of April 2, 2002.

W32.MyLife.C@mm is a mass-mailing worm that emails itself to all email addresses in the Microsoft Outlook address book and the MSN Messenger contact list. It arrives as the attachment List.TXT.scr.
It may format drives and delete files depending on the system time.
Also Known As: W32/MyLife.c@mm

http://sarc.com/avcenter/venc/data/w32.mylife.c@mm.html

W32.MyLife.F@mm
Discovered on: April 2, 2002

W32.MyLife.F@mm is a mass-mailing worm that emails itself to all email addresses in the Microsoft Outlook address book and the MSN Messenger contact list. It arrives as the attachment List480.TXT.scr.
Depending on the system time, it may format drives and delete files.
http://sarc.com/avcenter/venc/data/w32.mylife.f@mm.html

DynHTML.Exploit
Discovered on: March 29, 2002

DynHTML.Exploit is a modification of an earlier exploit that is known as XMLid.Exploit. In this version, the code includes some dynamic HTML instructions.

http://sarc.com/avcenter/venc/data/dynhtml.exploit.html

[KorpDeath]

Ever vigil, Zigar. Keep up the good work.

[bowlfreak]

Thanks for the tip. I will check that out tomorrow when I get back in the office.

I ran across a message the other day about a virus that instructs you to save the attachment as an "executable," instead of the current file extension. The malware writer actually went to the length of providing instructions to the end user as to how to accomplish this. Once the extension is saved as an "exe," the author instructs the user to "double click on the file" to see what happens. A new kind of social engineering virus...preying on the less skilled computer user.