Tech Alert Briefing for 2/4/2002
Bloodhound Mass Mailing Worm
A new mass mailing worm, code named Bloodhound.W32.VBWORM ,was discovered February 6th.The worm, believed to originate in Poland, is distributed via email with the subject heading Cool Linki.
The first time the worm executes, it displays the following fake error message: Error While loading REXEC.EXE.If the user unknowingly clicks on the OK button, the worm scans the hard disk for .vbs files. If it finds one, it alters the file, which causes the worm to execute whenever the .vbs file is run.
After the worm scans the entire hard disk, it emails all users in the Microsoft Outlook address book. The email appears as follows:
Subject: Cool Linki
Body: Przesylam ci znaleziona baze danych link?w. Jest tam duzo stron, kt?rych na pewno nie znasz :)
Size of Attachment: 57 KB
The worm then looks for Script.ini in the mIRC folder. If it finds the file, the worm overwrites it. This causes the file to be sent to other users over the IRC network.
Symantec is reporting that the distribution of the Virus as HIGH with the potential for MEDIUM damage caused by the virus.
End-users are cautioned to update their virus definitions and should immediately delete any email with the above Subject line.
Managing Risks Associated With Wireless Networks and Wireless Customer Access.
If your institution is currently evaluating or utilizing wireless technology to reach customers and reduce the costs of implementing new networks, you'll want to review the new guidance released by FDIC in FIL-8-2002 on Managing Risks Associated With Wireless Networks and Wireless Customer Access.http://www.fdic.gov/news/news/financial/2002/fil0208.html
Previous Tech Alerts:
02/04/02 Microsoft Issues Collection of Security Fixes for Windows 2000
01/31/02 Copycat Virus Unleashed
01/30/02 Netscape Browser Vulnerable to Cookie Theft
01/28/02 "My Party" Mass Mailing Worm
01/18/02 IT Contingency Planning Guide, Information Security Checklist and Solaris Vulnerability
01/15/02 Trojan.StartPage Alters Web Browsers
01/12/02 New Internet Worm Gigger Masquerades as Microsoft Outlook Upgrade
01/08/02 Microsoft Universal Plug and Play Vulnerability
12/20/01 Holiday Themed Computer Virus Unleashed
First published on 02/03/2002