W32.Netsky.Q@mm Code indicates a DoS attack
W32.Netsky.Q@mm
According to Symantec's Security Response Website the W32.Netsky.Q@mm
virus is set to perform a DoS next week. Here is an excerpt from
Symantec's Website information:
If the system date is April 8th, 2004 through April 11th, 2004 it will
attempt to perform a Denial of Service (DoS) attack against the following
sites:
www.edonkey2000.com
www.kazaa.com
www.emule-project.net
www.cracks.am
www.cracks.st
This worm is taking advantage of unpatched systems to exploit the
Incorrect MIME Header Can Cause IE to Execute E-mail Attachment.
http://www.microsoft.com/technet/security/bulletin/MS01-020.mspx
Symantec has a removal tool available at:
http://securityresponse.symantec.com/avcenter/venc/data/w32.netsky@mm.removal.tool.html
If you are not absolutely sure that your computer is free from the Netsky
worm, you should download and run the removal tool on your computer.
According to Trend Micro it also contains the following encrypted
internal text strings embedded within its code:
We are the only SkyNet, we don't have any criminal inspirations.
Due to many reports, we do not have any backdoors included for spam
relaying. and we aren't children. Due to this, many reports are wrong.
We don't use any virus creation toolkits, only the higher language
Microsoft Visual C++ 6.0. We want to prevent hacker, cracking, sharing
with illegal stuff and similar illegal content.
Hey, big firms only want to make a lot of money.
That is what we don't prefer. We want to solve and avoid it.
Note: Users do not need a new av-update, they need
a better education! We will envolope...
- Best regards, the SkyNet Antivirus Team, Russia 05:11 P.M -
For more information see:
http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_NETSKY.Q&VSect=T
Deb Hale
Handler on Duty
Keywords:
0 comment(s)
×
![modal content]()
Diary Archives
Comments