Hi Guys,

been a bit slack.. here is a recent Cat 2 listing from symantec ...
Wild: Low
Damage: Low
Distribution: High

This means low occurance in the wild, but has the potential for greatnes..

W32.Lohack.B.Worm is a worm that attempts to spread itself through file-sharing networks. It also attempts to mass mail itself to all the contacts in the Windows Address Book. The email will have a variable subject and attachment name. The attachment will have a .exe or .scr file extension.

The worm uses an internal SMTP client engine. In addition, W32.Lohack.B.Worm is a network-aware worm. It is a Visual Basic application that is compiled to native code and is packed with UPX v1.23.




Type: Worm
Infection Length: 47,132 bytes
Systems Affected: Windows 95, Windows 98, Windows NT, Windows 2000, Windows XP, Windows Me
Systems Not Affected: Microsoft IIS, Macintosh, OS/2, UNIX, Linux
BTW: another reason to be aware of the files downloaded on P2P networks..


Haven't checked Sophos, McAfee, Panda, KAV, etc for their reports.. or naming..


Cheers