MyDoom.F Deletes Files, Adds RIAA to DDoS Targets
The newest version of MyDoom deletes Microsoft Word and Excel documents from a victim's hard drive, along with images and videos. MyDoom.F was discovered Feb. 20 and spread slowly at first, but is prompting increased warnings from security vendors as it begins to spread more widely.
Like its predecessors, MyDoom.F has its own SMTP engine and spreads through e-mail attachments, and is programmed to launch denial of service attacks on web sites. The DDoS component of MyDoom.F targets www.microsoft.com and www.riaa.com (the Recording Industry Association of America)
MyDoom.F also opens a backdoor on the victim's computer, using port 1080. Some analyses suggest that it also opens a backdoor on multiple ports between 3000 and 5000 and disables antivirus software.Widespread awareness of MyDoom-related threats has focused fresh attention on the basics of e-mail security, particularly regarding the opening of attachments. That should work to check the spread of MyDoom.F, as will its more destructive payload, which makes it harder for the malware's activity to go unnoticed for very long on compromised machines.
Digg
Slashdot
Reddit
StumbleUpon
Delicious
Technorati
Posted by Rich Miller at 24 February 2004
in Security
|
Print this Page
| Rackspace Managed Hosting - Web Hosting - Hosting | Swishmail.com Business Email Hosting | Compare the Best Web Hosting Companies |
| INetU Managed Hosting - Dedicated Servers | Windows Dedicated Servers from Server Intellect | Reseller hosting Managed dedicated server Ahosting |
| Business Web Hosting Services - webhosting.uk.com | Web Hosting - Dedicated Servers & VPS Hosting | Managed Hosting - PCI Compliance by NeoSpire |
Advertising on Netcraft
Copyright © Netcraft Ltd 2009. All Rights Reserved.