The W32.Mydoom.F@mm worm
1 post
• Page 1 of 1
The W32.Mydoom.F@mm worm
- Is a mass-mailing worm that opens a backdoor on TCP port 1080
- Can download and execute arbitrary files
- Will perform a Denial of Service (DoS) against http://www.microsoft.com and http://www.riaa.com, if the computer's local system date is between 17th and 22nd of any month.
- Sets up a backdoor in an infected system, by opening TCP port 1080. This could allow an attacker to connect to a computer and use it as a proxy to gain access to its network resources.
The worm arrives as an attachment with the file extension .bat, .com, .cmd, .exe, .pif, .scr, or .zip. The From: line of the email may be spoofed.
Symantec Security Response has developed a removal tool to clean the infections of W32.Mydoom.F@mm and earlier variants of this threat.
::Symantec website::
- MinusDriver
- Posts: 813
- Joined: Thu Jan 08, 2004 9:47 pm
- Location: Atlanta, GA
- Real Name: Michael
1 post
• Page 1 of 1
Who is online
Users browsing this forum: No registered users and 1 guest