| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: 31 Oct 2003 23:06:03 -0000 From: K-OTiK Security <Special-Alerts@...tik.com> To: bugtraq@...urityfocus.com Subject: Re: Mimail.C (Denial of Service Attack) In-Reply-To: <20031031151823.26363.qmail@...www1-symnsj.securityfocus.com> it seems that this worm attempts to launch a Denial of Service Attack by sending a large amount of data to known servers (port 80 / ICMP). The worm verifies that a connection is active by contacting google.com, then the DoS is launched against "darkprofits" domains (marketing operation ?) Due to an increased rate of submissions Symantec Security Response has upgraded W32.Mimail.C@mm to a Category 3 threat from a Category 2 threat. http://securityresponse.symantec.com/avcenter/venc/data/w32.mimail.c@mm.html http://us.mcafee.com/virusInfo/default.asp?id=description&virus_k=100795 Regards. K-OTik Staff /// http://www.k-otik.com >From: Alan <alan.tennent@...group.com> >To: bugtraq@...urityfocus.com >Subject: Mimail.C > > > >The irritation has begun :/ >A new version of Mimail.C has cropped up. It spoofs the recipients domain and sends the mail as 'james@<spoofed domain>' and has an attachment: pictures.jpg.exe > >Some clients have reported massive amounts of lag due to its mass mailing and one client's firewall dropped as a result, although this might not be related. > >More info can be found on: >http://www.f-secure.com/v-descs/bics.shtml > >Antigen pics the attachment up as I-Worm.WatchNet > >Keep an eye out and inform your users > >cheers >
Powered by blists - more mailing lists