|
New worm tactic.
I see someone has sent me a .zip file which contains a .pif file
which undoubredly comtains something that is not going to do my PC any good were it executed. Checking on McAfee I find it is W32/Sobig.e@MM. "This variant is similar to W32/Sobig.d@MM. The worm propagates via email and over network shares. It contains its own SMTP engine for constructing outgoing messages. The virus is sent in a ZIP archive, allowing it to bypass extension blocking rules. However, this requires the end user to perform extra steps in order to actually execute the virus." But they wil, l and it also propagates via Network shares so beware ! **** is about to happen. -- Jim Watt http://www.gibnet.com |
Re: New worm tactic.
"Jim Watt" <jimwatt@aol.no.way> wrote in message
news:2cfkfvomig1c1mgnifkh1eld2vj5dbo6j7@4ax.com... > I see someone has sent me a .zip file which contains a .pif file > which undoubredly comtains something that is not going to do > my PC any good were it executed. > > Checking on McAfee I find it is > > W32/Sobig.e@MM. > > "This variant is similar to W32/Sobig.d@MM. The worm propagates via > email and over network shares. It contains its own SMTP engine for > constructing outgoing messages. > > The virus is sent in a ZIP archive, allowing it to bypass extension > blocking rules. However, this requires the end user to perform extra > steps in order to actually execute the virus." > > But they wil, l and it also propagates via Network shares so beware ! > > **** is about to happen. > > > -- > Jim Watt http://www.gibnet.com Fortunately there are mail filtering applications (e.g.. Elron Software Message Inspector and/or Anti-Virus) capable of examining and if necessary blocking such attachments. Even if the file's extension has been changed. -- Best regards, Don Kelloway Commodon Communications Visit http://www.commodon.com to learn about the "Threats to Your Security on the Internet". |
Re: New worm tactic.
On Thu, 26 Jun 2003 05:22:17 GMT, "Don Kelloway"
<dkelloway@commodon.com> wrote: >"Jim Watt" <jimwatt@aol.no.way> wrote in message >news:2cfkfvomig1c1mgnifkh1eld2vj5dbo6j7@4ax.com.. . >> I see someone has sent me a .zip file which contains a .pif file >> which undoubredly comtains something that is not going to do >> my PC any good were it executed. >> >> Checking on McAfee I find it is >> >> W32/Sobig.e@MM. >> >> "This variant is similar to W32/Sobig.d@MM. The worm propagates via >> email and over network shares. It contains its own SMTP engine for >> constructing outgoing messages. >> >> The virus is sent in a ZIP archive, allowing it to bypass extension >> blocking rules. However, this requires the end user to perform extra >> steps in order to actually execute the virus." >> >> But they wil, l and it also propagates via Network shares so beware ! >> >> **** is about to happen. >> >> >> -- >> Jim Watt http://www.gibnet.com > > >Fortunately there are mail filtering applications (e.g.. Elron Software >Message Inspector and/or Anti-Virus) capable of examining and if necessary >blocking such attachments. Even if the file's extension has been changed. Its not that the extension has been changed, its really a .zip file However, you are right, the best point of defense is at the mail server. -- Jim Watt http://www.gibnet.com |
| All times are GMT. The time now is 10:25 AM. |
Powered by vBulletin®. Copyright ©2000 - 2013, vBulletin Solutions, Inc.
SEO by vBSEO ©2010, Crawlability, Inc.