Bloodhound Mass Mailing Worm
A new mass mailing worm, code named Bloodhound.W32.VBWORM , was discovered February 6th. The worm, believed to originate in Poland, is distributed via email with the subject heading Cool Linki.
The first time the worm executes, it displays the following fake error message: Error While loading REXEC.EXE. If the user unknowingly clicks on the OK button, the worm scans the hard disk for .vbs files. If it finds one, it alters the file, which causes the worm to execute whenever the .vbs file is run.
After the worm scans the entire hard disk, it emails all users in the Microsoft Outlook address book. The email appears as follows:
Subject: Cool Linki Body: Przesylam ci znaleziona baze danych linków. Jest tam duzo stron, których na pewno nie znasz :) Attachment: Linki.exe Size of Attachment: 57 KB
The worm then looks for Script.ini in the mIRC folder. If it finds the file, the worm overwrites it. This causes the file to be sent to other users over the IRC network.
Symantec is reporting that the distribution of the Virus as HIGH with the potential for MEDIUM damage caused by the virus.
End-users are cautioned to update their virus definitions and should immediately delete any email with the above Subject line.
Managing Risks Associated With Wireless Networks and Wireless Customer Access.
If your institution is currently evaluating or utilizing wireless technology to reach customers and reduce the costs of implementing new networks, you'll want to review the new guidance released by FDIC in FIL-8-2002 on Managing Risks Associated With Wireless Networks and Wireless Customer Access.
Previous Tech Alerts: 02/04/02 Microsoft Issues Collection of Security Fixes for Windows 2000 01/31/02 Copycat Virus Unleashed 01/30/02 Netscape Browser Vulnerable to Cookie Theft 01/28/02 "My Party" Mass Mailing Worm 01/18/02 IT Contingency Planning Guide, Information Security Checklist and Solaris Vulnerability 01/15/02 Trojan.StartPage Alters Web Browsers 01/12/02 New Internet Worm Gigger Masquerades as Microsoft Outlook Upgrade
01/08/02 Microsoft Universal Plug and Play Vulnerability 12/20/01 Holiday Themed Computer Virus Unleashed
BankersOnline is a free service made possible by the generous support of our
advertisers and sponsors. Advertisers and sponsors are not responsible for site content. Please help us keep BankersOnline FREE to all
banking professionals. Support our advertisers and sponsors by clicking
through to learn more about their products and services.