|
You are here: Home > Archive > News 2006 - 2005
News 2006 - 2005
* June 2006 |
|
| W32.Beagle.FF aka Bagle.FB/FN: A mass-mailing worm. Opens a back door, possibility to lower security settings and even tries to download or execute remote files. The email has the following characteristics: Body: "I Love You" or "To Be Beloved". Attachment name: [Random name].zip |
W32.Beagle Family |
* March 2006 |
|
| W32.Beagle.DQ aka Bagle.DX: A mass-mailing worm. Also tries to spread itself through file-sharing networks. Opens a back door, possibility to lower security settings and even tries to download/execute remote files. | W32.Beagle Family |
* February 2006 |
|
| W32.Blackmal.E aka Win32.Nyxem.e: Uses its own SMTP engine. Spreads through network shares.Tries to disable security related applications and attempts to rewrite files with modified text every 3rd day of the month. Keywords: Kama Sutra, Miss Lebanon, Sex pics, Free video, My Wife |
F-Secure McAfee Symantec Trend Micro |
* November 2005 |
|
| W32.Mytob.MX aka Mytob.do: Uses its own SMTP engine. Spreads by sending itself as email attachment to addresses collected on the infected computer. Tries to disable security related applications. |
W32.Mytob Family |
| W32.Sober.X[Y] aka Sober.AG:uses its own SMTP engine. Spreads by sending itself as email attachment to addresses collected on the infected computer. Tries to lower securityu settings. Email subject varies and will be in English or German. |
W32.Sober Family |
| W32.Sober Family - New variants Sober.S/T/V:all use their own SMTP engine. Spreads by sending itself as email attachment to addresses collected on the infected computer. Email subject varies and will be in English or German. |
W32.Sober Family |
* October 2005 |
|
| W32.Sober.Q[R/S] aka Sober.AC:uses its own SMTP engine. Spreads by sending itself as email attachment to addresses collected on the infected computer. Email subject varies and will be in English or German. |
W32.Sober Family |
* August 2005 |
|
| W32.Esbot.A aka W32/IRCbot: a worm that spreads by exploiting the Microsoft Windows Plug and Play Service Vulnerability. Related Microsoft patches and information available at: Vulnerability in Plug and Play Could Allow Remote Code Execution and Elevation of Privilege (899588) |
F-Secure McAfee Symantec Trend Micro |
| W32.Zotob family: a worm that spreads by exploiting the Microsoft Windows Plug and Play Service Vulnerability. Computers running Windows 95/98/Me/ NT4 cannot be infected, but can still be used to infect vulnerable computers that they can connect to. Related Microsoft patches and information available at: Vulnerability in Plug and Play Could Allow Remote Code Execution and Elevation of Privilege (899588) |
W32.Zotob Family |
* July 2005 |
|
| W32.Mytob family: added new variants. | W32.Mytob Family |
* June 2005 |
|
| W32.Mytob family: multiple variants. Uses its own SMTP engine. Spreads by sending itself as email attachment to addresses collected on the infected computer. | W32.Mytob Family |
* May 2005 |
|
| W32.Lanieca.A aka Eyeveg: uses its own SMTP engine. Spreads by sending itself as email attachment to addresses collected on the infected computer. | F-Secure Symantec Trend Micro |
| W32.Mydoom.BO aka Mytob: uses its own SMTP engine. Spreads by sending itself as email attachment to addresses collected on the infected computer. Contains a backdoor that listens on TCP port 6677. |
W32.Mydoom Family |
| W32.Sober.O[P/S] aka Sober.O[P/S] :uses its own SMTP engine. Spreads by sending itself as email attachment to addresses collected on the infected computer. Email subject varies and will be in English or German. | W32.Sober Family |
* April 2005 |
|
| W32.Sober.N[O] aka Sober.N[O]:uses its own SMTP engine. Spreads by sending itself as email attachment to addresses collected on the infected computer. Email subject varies and will be in English or German. | W32.Sober Family |
* March 2005 |
|
| W32.Sober.L[M] aka Sober.L[M]:uses its own SMTP engine. Spreads by sending itself as email attachment to addresses collected on the infected computer. Email subject varies and will be in English or German. The email has the following characteristics: Subject: "Ich habe Ihre E-Mail bekommen!". or Subject: "Your Password & Account number". Attachment name: *.zip |
W32.Sober Family |
* February 2005 |
|
| W32.Sober.K[L] aka Sober.K[L]:uses its own SMTP engine. Spreads by sending itself as email attachment to addresses collected on the infected computer. Email subject varies and will be in English or German. | W32.Sober Family |
| W32.Mydoom.AZ[BC] aka Mydoom.AZ[BC]: new variants of W32.Mydoom. Use it's own SMTP engine to send itself to all the email addresses it finds in Windows Address Book. |
W32.Mydoom Family |
| W32.Mydoom.AX[BB] aka Mydoom.AX[BB]: new variants of W32.Mydoom. Use it's own SMTP engine to send itself to all the email addresses it finds in Windows Address Book. | W32.Mydoom Family |
| W32.Bropia.F[J] aka Bropia.F[J]: uses MSN messenger for spreading and drops a variant of Spybot - Agobot on the infected system. |
F-Secure McAfee Symantec Trend Micro |
* January 2005 |
|
| W32.Beagle.AY[AZ] aka Bagle.AY[AZ]: a mass-mailing worm that also spreads through file-sharing networks and contains a backdoor that listens on TCP port 81. |
W32.Beagle Family |
| W32.Zar.A aka Zar.A:Uses uses MAPI to send an email to all addresses it finds in Microsoft Outlook Address Book. The email has the following characteristics: Subject: "Tsunami Donation! Please help". Attachment name: tsunami.exe |
F-Secure McAfee Symantec Trend Micro |
Advertising
Use 'DHL for You' for easy package sending in the Netherlands!
Save 10% off top Norton Products with Coupon Code 10NAMNORTONSTORE
Save now - 25% off - 2 year license of ESET NOD32 Antivirus 4
Save 20% on Trend Micro™ Titanium™ Maximum Security! Coupon Code: titanium20
Norton 360 Version 5.0 3 Year Protection
ZoneAlarm Internet Security Suite 2012 - Save 50%
