New worm tactic.

Discussion in 'Computer Security' started by Jim Watt, Jun 26, 2003.

  1. Jim Watt

    Jim Watt Guest

    I see someone has sent me a .zip file which contains a .pif file
    which undoubredly comtains something that is not going to do
    my PC any good were it executed.

    Checking on McAfee I find it is

    W32/[email protected]

    "This variant is similar to W32/[email protected] The worm propagates via
    email and over network shares. It contains its own SMTP engine for
    constructing outgoing messages.

    The virus is sent in a ZIP archive, allowing it to bypass extension
    blocking rules. However, this requires the end user to perform extra
    steps in order to actually execute the virus."

    But they wil, l and it also propagates via Network shares so beware !

    shit is about to happen.
     
    Jim Watt, Jun 26, 2003
    #1
    1. Advertisements

  2. Jim Watt

    Don Kelloway Guest


    Fortunately there are mail filtering applications (e.g.. Elron Software
    Message Inspector and/or Anti-Virus) capable of examining and if necessary
    blocking such attachments. Even if the file's extension has been changed.


    --
    Best regards,
    Don Kelloway
    Commodon Communications

    Visit http://www.commodon.com to learn about the "Threats to Your Security
    on the Internet".
     
    Don Kelloway, Jun 26, 2003
    #2
    1. Advertisements

  3. Jim Watt

    Jim Watt Guest

    Its not that the extension has been changed, its really a .zip file

    However, you are right, the best point of defense is at the mail
    server.
     
    Jim Watt, Jun 26, 2003
    #3
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.