| Home | About Us | Products | Support | Downloads | Resellers | Links |
|
|
|
||||||||
|
|
|||||||||
|
|||||||||
|
Latest Threats New "Mydoom" worm launching a world-wide attack Inter Engineering and F-Secure are warning email users around the world about a new Windows worm which is spreading rapidly. The new worm, known as Mydoom or Novarg, is spreading through email attachments and Kazaa file sharing networks. The worm has launched a world-wide denial-of-service attack from every infected computer against the website of SCO, one of the largest Unix vendors in the world. However, the WWW.SCO.COM site seems to be still operational. Last December SCO claimed that the Linux operating system was violating SCO's intellectual property rights in UNIX technology. The worm Mydoom might be a reaction of one or more fanatic Linux users who feel offended by this action from SCO. In addition of the denial-of-service attack, the worm also opens up a backdoor to infected computers by listening to TCP port 3176. This way the worm author can gain access to infected computers afterwards. The emails sent by the worm are fairly random: From: <random email address> To: <address of the recipient> Subject: <random words> Message body: (several different mail error messages, such as:) Mail transaction failed. Partial message is available. Attachment (with a textfile icon): random name ending with ZIP, BAT, CMD, EXE, PIF or SCR extension. When a user clicks on the attachment, the worm will start Notepad, filled with random characters and it will immediately start to spread further. The Worm Mydoom is another example of an attack consisting of the combination of a Worm and a Backdoor. For maximum protection Inter Engineering recommends the use of the combination of Anti Virus and a Firewall. Detailed technical description of the worm as well as screenshots are available in the F-Secure Virus Description Database at http://www.f-secure.com/v-descs/novarg.shtml F-Secure Anti-Virus can detect and stop the Mydoom worm. An evaluation version of F-Secure Anti-Virus can be downloaded from ww.inter.gr. F-Secure will also be releasing a free tool which can be used to remove Mydoom from infected systems. Inter Engineering is available for more information. About F-Secure F-Secure Corporation is the leading provider of centrally managed security solutions for the mobile enterprise. The company's award-winning products include antivirus and network security solutions for major platforms from desktops to servers and from laptops to handhelds. Founded in 1988, F-Secure has been listed on the Helsinki Exchanges since November 1999. The company is headquartered in Helsinki, Finland, with the North American headquarters in San Jose, California, as well as offices in France, Germany, Sweden, Japan and the United Kingdom and regional offices in the USA. F-Secure is supported by a network of value added resellers and distributors in over 90 countries around the globe. Through licencing and distribution agreements, the company's security applications are available for the products of the leading handheld equipment manufacturers, such as Nokia. About Inter Engineering Inter Engineering is one of the few companies specialized in Data Security. Since 1992 the company is active in the protection against computer viruses and has since then extended its activities with strong cryptography, access control, copy protection, biometrics and data recovery. The Company cooperates closely with leading providers globally and contributes actively to research and development. Also close relationships with scientific organizations are maintained. Thus Inter Engineering is able to provide consultancy and solutions for almost any Data Security issue. To contact us: Inter Engineering |