|
Computer
Help Desk - New MyDoom variant
It’s a full-time job working to combat the slew of
viruses that attack millions of computers all over the world.
Unfortunately, the task appears to be getting tougher as hackers
become more creative in their devious practices.
A couple months ago, a new variant of the MyDoom worm appeared
with a different approach to infiltrating your system. MyDoom
is a destructive virus that spreads itself when unsuspecting
users open files attached to infected email.
The subject line often includes: “Mail Delivery system,”
“Test,” “Server report,” and “Hello,”
among others.
The old method was to send an attachment with the destructive
virus waiting to do harm as soon as you opened it. New anti-virus
patches for Microsoft’s Internet Explorer browser would
fight the danger head-on and prevent you from ever having
to worry about it. However, the latest threat actually sent
an email encouraging you to click on a link in the body of
the message. The link takes you to a site where the virus
is waiting to do its damage. You (unknowingly) go to the virus,
the virus doesn’t come to you.
Some emails posing as reputable companies send messages that
can easily trick an unsuspecting consumer into clicking on
the link. One fake email says:
“Congratulations! PayPal has successfully charged
$175 to your credit card. Your order tracking number is A866DEC0,
and your item will be shipped within three business days.
To see details please click this link.”
What scares Microsoft most is the fact that this new variant
was released before a patch could be made. Usually, a patch
is made available before the virus reaches the public. Unfortunately,
the time difference between the knowledge of a security flaw
and the creation of a virus has shortened significantly, says
Stuart McClure, president and CTO of Foundstone Strategic
Security. Only two years ago, Microsoft would be aware of
the flaw and be well on its way to creating a new patch four
to six weeks before the virus was unleashed.
“For the first six months of this year, (that time
difference) was about 5.8 business days, and in the most recent
case it was just two days,” says Alfred Huger, senior
director of engineering with Symantec Calgary. “The
problem is that it is extremely difficult for a vendor to
put out a patch in that short of a time.”
Those who have Service Pack 2 for Windows XP already have
certain protections against the new MyDoom worm, but Microsoft
is still investigating how serious a threat this virus poses.
Here at EagleNet, we are also working to protect you from
viruses through our Tier 1 Data Center. EagleNet stops an
average of four viruses per minute each day
using a variety of virus filters. Our team updates these filters
multiple times each day to catch the latest viruses before
they have the opportunity to threaten your system.
To make sure your system is as safe as possible, EagleNet
also recommends that customers use anti-virus software such as
Norton AntiVirus, McAfee or AVG Anti-Virus. For more
information on protecting your business from viruses,
please contact a business account manager at 888.999.3245.
Return to top
Top 10 Viruses and Hoaxes
The top ten viruses in December 2004 were as follows:
| 1. |
W32/Zafi-D |
36.8% |
| 2. |
W32/Sober-I |
20.7% |
| 3. |
W32/Netsky-P |
15.5% |
| 4. |
W32/Zafi-B |
8.6% |
| 5. |
W32/Netsky-D |
2.8% |
| 6. |
W32/Netsky-Z |
2.5% |
| 7. |
W32/Bagle-AA |
2.0% |
| 8. |
W32/Netsky-B |
1.7% |
| 9. |
W32/Netsky-AD |
1.2% |
| 10. |
W32/MyDoom-O |
1.0% |
| Others |
.2% |
"Zafi-D is December's only new entry, and it has moved
to the top of the chart, overshadowing the once dominant Netsky-P
and Zafi-B. Although it was only discovered mid-month, Zafi-D
caused major havoc during the holidays, accounting for more
than a third of all virus reports in December," said
Gregg Mastoras, senior security analyst at Lynnfield, MA-based,
Sophos, Inc. "Zafi-D tricked large numbers of users into
opening an attachment thinking it was a joke when actually,
they were launching malicious code."
"Only 24 hours after it was discovered, Zafi-D accounted
for more than 72% of all virus reports, and one in ten emails
were infected by the worm. It is quite alarming to see a virus
gain so much traction in such a short amount of time. The
damage could have been avoided if users took precautionary
measures by keeping their anti-virus protection up-to-date,"
continued Mastoras.
The top ten hoaxes in December 2004 were as follows:
| 1. |
Hotmail hoax |
32.6% |
| 2. |
Meninas da Playboy |
9.7% |
| 3. |
A virtual card for you |
7.8% |
| 4. |
Elf Bowling |
5.4% |
| 5. |
Yahoo instant message |
4.2% |
| 6. |
Applebees Gift Certificate |
3.5% |
| 7. |
Bonsai kitten |
3.1% |
| 8. |
Budweiser frogs screensaver |
2.3% |
| 9. |
Jamie Bulger |
2.0% |
| 10. |
Bill Gates fortune |
1.5% |
| Others |
27.9% |
"The Christmas-themed Elf Bowling hoax re-entered the
chart in December. The hoax warned computer users to be wary
of emails containing a game called Elfbowl.exe, which it claims
to be a dangerous virus," continued Mastoras. "Although
there have been viruses disguised as games, this warning is
totally a fraud. However, it is possible for the game to be
infected by a virus in the future and be redistributed via
email. Users should rely on information found on the websites
of reputable firms in order to keep up-to-date with the latest
threats."
Source: Sophos.com
Return to top |
