lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20031031230603.9538.qmail@sf-www3-symnsj.securityfocus.com>
Date: 31 Oct 2003 23:06:03 -0000
From: K-OTiK Security <Special-Alerts@...tik.com>
To: bugtraq@...urityfocus.com
Subject: Re: Mimail.C (Denial of Service Attack)


In-Reply-To: <20031031151823.26363.qmail@...www1-symnsj.securityfocus.com>

it seems that this worm attempts to launch a Denial of Service Attack by sending a large amount of data to known servers (port 80 / ICMP). The worm verifies that a connection is active by contacting google.com, then the DoS is launched against "darkprofits" domains (marketing operation ?)

Due to an increased rate of submissions Symantec Security Response has upgraded W32.Mimail.C@mm to a Category 3 threat from a Category 2 threat. 

http://securityresponse.symantec.com/avcenter/venc/data/w32.mimail.c@mm.html
http://us.mcafee.com/virusInfo/default.asp?id=description&virus_k=100795

Regards.
K-OTik Staff /// http://www.k-otik.com


>From: Alan <alan.tennent@...group.com>
>To: bugtraq@...urityfocus.com
>Subject: Mimail.C
>
>
>
>The irritation has begun  :/
>A new version of Mimail.C has cropped up.  It spoofs the recipients domain and sends the mail as 'james@<spoofed domain>' and has an attachment: pictures.jpg.exe
>
>Some clients have reported massive amounts of lag due to its mass mailing and one client's firewall dropped as a result, although this might not be related.
>
>More info can be found on:
>http://www.f-secure.com/v-descs/bics.shtml
>
>Antigen pics the attachment up as I-Worm.WatchNet
>
>Keep an eye out and inform your users
>
>cheers
>


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ