Slashdot Mirror

← Back to Stories (view on slashdot.org)

Latest WinWorm Spreads Via ICQ And Outlook

Posted by timothy on from the how-vastly-creative dept.

mgooderum was among the many to write in about yet another snippet of malice making the Windows desktop rounds: "The latest email virus -- 'Goner' -- is apparently running around this morning (AP news story on Iwon here - no login needed). The virus is a typical worm that spreads via attachments and user's address books. It appears as a message with an attachment that starts: 'How are you ? When I saw this screen saver I immediately thought about you...' Goner is apparently non-destructive other than the normal DoS issues with the load from it forwarding itself everywhere. What's moderately unique are two features. One is its ability to replicate via ICQ as well as the usual Outlook and Outlook Express. Two is its small size -- it has a packed form that is only 159 bytes. Symantec has details here; McAfee has details here." Update: 12/04 21:57 GMT by T : That should read 159 kilobytes. And as many posters have pointed out, "destructive" is in the eye of the beholder.

1 of 598 comments (clear)

  1. Now I have some extra ammo... by Rude+Turnip · · Score: 2, Redundant

    To explain to others why Windows-based firewalls like ZoneAlarm and BlackIce are inherently less secure than dedicated firewall devices and dedicated Linux firewall solutions...the fact that they run on Windows means they can be knocked dead by a virus.

    And speaking of antivirus software...everyone at my company received a warning email about this virus today from the admin. I took the opportunity to reply back to his email with the following:

    *****
    On the topic of virii, Mcafee and Symantec's Norton AV may be leaving a "backdoor" open in its future product updates to accomodate the FBI's Magic Lantern virus for Outlook. I doubt the government really wants to spy on us, but think of this:

    As soon as someone figures out how to mimmick Magic Lantern's signature/fingerprint/code/etc., crackers everywhere will have an easy way into any computer protected by Mcafee or Norton AV. Wave good-bye to confidentialty. This is rather alarming. Here's a link to an article from Wired:

    http://www.wired.com/news/conflict/0,2100,48648, 00 .html

    Here is a link to an article on the topic from the Forum on Risks to the Public in Computers and Related Systems

    http://catless.ncl.ac.uk/Risks/21.77.html

    This is just a junior analyst's opinion, but I would begin seeking virus protection alternatives.
    *****

    --
    Bill Clinton: Pimp we can believe in. - The Shirt!!!