document.writeln("
MyDoom.O causing denial of service attacks
New
York, USA:
Message Labs, the leading provider of managed email security
services to businesses worldwide, is advising computer
users that W32.Mydoom.O contains multiple search engine
URLs and is using them to harvest additional domain email
addresses. MyDoom.O searches user files (DOC TXT HTM and
HTML) for domain names, then uses search engines (Lycos,
AltaVista, Yahoo and Google) to search for "e-mail"
and the harvested domain in order to gain access to other
email addresses. There is a strong likelihood that web-based
lists such as phone books, memberships, discussion boards
and general user home pages will be harvested by the machine
and in turn infect others. A search on Google using the
same "e-mail" + domain method has generated
a "Forbidden" message, which may indicate activity
on the part of the search engines to thwart the virus.
According to Message Labs, because MyDoom.O contains web
site links and auto executes searches to specific and
targeted sites, this virus is resulting in distributed
Denial of Service attacks against Lycos, AltaVista, Yahoo
and Google.
The URLs contained in MyDoom.O are:
http://search.lycos.com/default.asp?lpv=1&loc=searchhp&tab=
web&query=%s
http://www.altavista.com/web/results?q=%s&kgs=0&kls=0
http://search.yahoo.com/search?p=%s&ei=UTF-8&fr=fp-tab-web-t&cop=
mss&tab=
http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=%s
According to other intelligence now circulating, MyDoom.O
can also harvest emails from any Outlook Windows active
on the compromised machine. This will lead to additional
propagation via SMTP even after a peak infection period
General
Details
Name: W32/MyDoom.O-mm
Time & date first captured: July 26, 2004; 4:40 AM
EST
Origin of first intercepted copy: UK
MyDoom.O is a mass-mailing worm with an SMTP engine that
sends emails to addresses harvested from infected machines.
The sender's From: email address is forged, and therefore
does not indicate the true identity of the sender. MyDoom.O
may also spoof from the mailer-daemon@ address, which
is typically used to indicate a delivery failure, thus
enhancing its social engineering trickery. The executable
file is approximately 27,648 bytes in size. The virus
is also packed with UPX v1.0x and stored in a ZIP attachment.
NB: The virus is also being referred to as: MyDoom.M,
I-Worm.Mydoom.M, I-Worm.Mydoom. R, and W32/Mydoom.L.
File
Types
PIF, SCR, DOC , EXE, HTM
Email Characteristics
From: Spoofed email address (including mailer-daemon@,
noreply@)
Subject: Random (see below)
Text: Various
Size: 27,648 bytes
Subject
Hi, delivery failed, Message could not be delivered, Mail
System Error - Returned Mail, Delivery reports about your
e-mail, Returned mail: see transcript for details, Returned
mail: Data format error instruction, MAILER-DAEMON, "Mail
Administrator", "Automatic Email Delivery Software",
"Post Office", "The Post Office",
"Bounced mail", "Returned mail", "Mail
Delivery Subsystem" Message Labs is the leading provider
of managed email security services to businesses worldwide.
Back
to News Review index page
Google acknowledges MyDoom virus
attack
New
York, USA: Google,
the Internet search engine, was unable to provide search
results to some web surfers on Monday, because of a variant
of the MyDoom virus. Users of other popular search engines
such as Yahoo and Lycos also experienced sluggish behavior.
Google said its site experienced slowness for a short
period of time early on Monday because of the MyDoom virus,
which flooded major search engines with automated searches.
The latest incarnation of the virus uses search engines
on infected computers to look for more e-mail addresses
in order to keep replicating itself.
Back
to News Review index page
ACC-1001: Revolutionary ethernet accelerator
Los
Angeles, USA: Perfisans
Holdings Inc. an emerging cutting-edge technology company
focused on the growing gigabit Ethernet market, has announced
that its 10/100/1000Mbps Ethernet Accelerator, the ACC-1001,
has commenced production. The ACC-1001 is a sophisticated
system-on-chip (SOC) device that uses innovative architectures
to bring gigabit Ethernet speeds to the Windows 2000 and
XP customer base. The Company's strategic plan targets
the $1 billion small office/home office (SOHO) and entry-level
enterprise markets, which mostly use the Windows operating
system. The advanced features of the ACC-1001 will also
deliver significant cost/performance benefits to both
Internet Service Providers (ISPs), who can now offer their
clients faster data throughput, and Network Interface
Card (NIC) manufacturers, who can achieve reduced design
cycles, lower costs and faster times to market.
The ACC-1001 is an affordable and cost-effective solution
that frees up the host processor in order to significantly
increase data throughput and is fully backward compatible
with legacy 10/100 megabit Ethernet systems, thus avoiding
additional equipment costs for ISPs. In much the same
way an upgrade to a faster CPU increases the processing
power of a computer, Perfisans' microchip increases the
speed of the processing power of network and internet
connections in existing and new equipment. Founded in
2001, Perfisans Holdings, Inc. is an emerging advanced
ASIC design house focused on developing leading edge,
cost-effective, system-on-chip (SOC) integrated circuits
(IC) and delivering innovative solutions that address
the performance needs of next generation network systems.
Back
to News Review index page
