A Digital Age Deserves A Digital Leader

The W32.Mydoom.F@mm worm

The W32.Mydoom.F@mm worm

Postby MinusDriver » Wed Feb 25, 2004 3:21 pm

- Is a mass-mailing worm that opens a backdoor on TCP port 1080
- Can download and execute arbitrary files
- Will perform a Denial of Service (DoS) against http://www.microsoft.com and http://www.riaa.com, if the computer's local system date is between 17th and 22nd of any month.
- Sets up a backdoor in an infected system, by opening TCP port 1080. This could allow an attacker to connect to a computer and use it as a proxy to gain access to its network resources.

The worm arrives as an attachment with the file extension .bat, .com, .cmd, .exe, .pif, .scr, or .zip. The From: line of the email may be spoofed.

Symantec Security Response has developed a removal tool to clean the infections of W32.Mydoom.F@mm and earlier variants of this threat.


:moreat: ::Symantec website::
PRO Level 13
User avatar
Posts: 813
Joined: Thu Jan 08, 2004 9:47 pm
Location: Atlanta, GA
Real Name: Michael

Return to Security & Virus

Who is online

Users browsing this forum: No registered users and 3 guests

cron
cron