W32/Mydoom.o@MM - Medium-On-Watch
--> What is it?
W32/Mydoom.o@MM is a Medium-On-Watch risk mass-mailing worm
that tries to open a hacker backdoor on your PC. Often
pretending to be a bounced email alert, the worm arrives
inside an attachment, then spreads by sending itself to stolen
contacts and via peer-to-peer programs.
--> What should I look for?
FROM: Varies. Examples: "Bounced mail," "MAILER-DAEMON,"
"Mail Administrator". Often spoofed.
SUBJECT: Varies. Examples: delivery failed, Message could not be
delivered, Mail System Error - Returned Mail
BODY: Example: We have received reports that your account was used to
send a large amount of junk email messages during the last week.
ATTACHMENT: Examples: README, INSTRUCTION, TRANSCRIPT
--> How do I know if I've been infected?
The worm installs itself as JAVA.EXE in an infected
computer's Windows directory. TCP port 1034 is open.
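The mail-side indicators listed in the alert above can be turned into a simple triage check. The following is an added example, not part of the original post or of any vendor tool; the function names, the example.com addresses and the ".zip" extension on the sample attachment are assumptions made for illustration. Because the alert says the From and Subject values vary, a match is a hint for review, not a verdict.

```python
import email
from email import policy
from email.message import EmailMessage

# Indicator strings copied from the alert; the alert notes they vary.
FROM_NAMES = ("bounced mail", "mailer-daemon", "mail administrator")
SUBJECTS = ("delivery failed", "message could not be delivered",
            "mail system error - returned mail")
ATTACH_STEMS = ("readme", "instruction", "transcript")


def triage(raw: bytes) -> list:
    """Return the list of alert indicators found in one raw RFC 5322 message."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    hits = []
    sender = str(msg.get("From", "")).lower()
    if any(name in sender for name in FROM_NAMES):
        hits.append("from")
    subject = str(msg.get("Subject", "")).lower()
    if any(text in subject for text in SUBJECTS):
        hits.append("subject")
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        # Compare only the part before the first dot, so any extension
        # (or a double extension) still matches the listed base names.
        if name.split(".", 1)[0] in ATTACH_STEMS:
            hits.append("attachment:" + name)
    return hits


def is_suspect(raw: bytes) -> bool:
    """Flag only when a listed attachment name coincides with a header hit."""
    hits = triage(raw)
    has_attachment = any(h.startswith("attachment:") for h in hits)
    return has_attachment and ("from" in hits or "subject" in hits)


def build_sample(sender: str, subject: str, filename: str) -> bytes:
    """Build a constructed test message; the payload is placeholder bytes."""
    m = EmailMessage()
    m["From"] = sender
    m["To"] = "user@example.com"
    m["Subject"] = subject
    m.set_content("Constructed body text for the example.")
    m.add_attachment(b"placeholder", maintype="application",
                     subtype="octet-stream", filename=filename)
    return m.as_bytes()
```
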