W32.Mimail.J@mm is yet another Mimail variant infecting systems!

Symantec response has upgraded W32.Mimail.J@mm to a Category 3 threat from a Category 2 threat on 11-18-03.

This question was answered on November 21, 2003. Much of the information contained herein may have changed since posting.

---

W32.Mimail.J@mm is a level 3 worm found on 11-17-03! This worm has infected email users accross the Web and steals personal information from infected users This worm displays a series of forms that ask users for credit card information The information is then sent to several predetermined email addresses It effects most Windows operating systems and has the following characteristics:

From: [email protected]

Subject: IMPORTANT <random string of characters>

Attachment: InfoUpdate.exe -or- www.paypal.com.pif

Message:

Dear PayPal member,

We regret to inform you that your account is about to be expired in next five business days To avoid suspension of your account you have to reactivate it by providing us with your personal information.

To update your personal profile and continue using PayPal services you have to run the attached application to this email Just run it and follow the instructions.

IMPORTANT! If you ignore this alert, your account will be suspended in next five business days and you will not be able to use PayPal anymore.

Thank you for using PayPal.

This is considered to be a wild worm with high distribution Symantec advises all users to download the latest virus definitions immediately and deploy, as well us updating all Microsoft security patches

Get complete instruction on protection and removal from Symantec at:

<a href= "http://www.sarc.com/avcenter/venc/data/[email protected]"> http://www.sarc.com/avcenter/venc/data/w32.mimail.j@mm.html</a>

About the author

Posted by Michal of Data Doctors on November 21, 2003

Need Help with this Issue?

We help people with technology! It's what we do.
Contact or Schedule an Appointment with a location for help!