New worm tactic.

Discussion in 'Computer Security' started by Jim Watt, Jun 26, 2003.

  1. Jim Watt

    Jim Watt Guest

    I see someone has sent me a .zip file which contains a .pif file
    which undoubredly comtains something that is not going to do
    my PC any good were it executed.

    Checking on McAfee I find it is

    W32/[email protected]

    "This variant is similar to W32/[email protected] The worm propagates via
    email and over network shares. It contains its own SMTP engine for
    constructing outgoing messages.

    The virus is sent in a ZIP archive, allowing it to bypass extension
    blocking rules. However, this requires the end user to perform extra
    steps in order to actually execute the virus."

    But they wil, l and it also propagates via Network shares so beware !

    shit is about to happen.
    Jim Watt, Jun 26, 2003
    1. Advertisements

  2. Jim Watt

    Don Kelloway Guest

    Fortunately there are mail filtering applications (e.g.. Elron Software
    Message Inspector and/or Anti-Virus) capable of examining and if necessary
    blocking such attachments. Even if the file's extension has been changed.

    Best regards,
    Don Kelloway
    Commodon Communications

    Visit to learn about the "Threats to Your Security
    on the Internet".
    Don Kelloway, Jun 26, 2003
    1. Advertisements

  3. Jim Watt

    Jim Watt Guest

    Its not that the extension has been changed, its really a .zip file

    However, you are right, the best point of defense is at the mail
    Jim Watt, Jun 26, 2003
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.