New Email Worm with Backdoor Capabilities!
Question
Symantec response reports [email protected] level 2 email worm with backdoor capabilities found on 4-2-03!
Answer
This question was answered on April 4, 2003. Much of the information contained herein may have changed since posting.
[email protected] is an email worm that has backdoor capabilities It uses its own SMTP engine to send itself to randomly generated recipient names at these domains:
    -email.com
    -earthlink.net
    -roadrunner.com
    -yahoo.com
    -msn.com
    -hotmail.com
The email message has the following characteristics:
Subject: Hi, I sent you an eCard from BlueMountain.com
Message:
Hi , I sent you an eCard from Blue-Mountain.com To view your eCard, open the attachment
If you have any comments or questions, please visit http:/ /www.bluemountain.com/customer/index.pd
Thanks for using BlueMountain.com.
Attachment: BlueMountaineCard.pif
All Windows operating systems are affected.
Get complete instruction on protection and removal from Symantec at:
<a href= "http://sarc.com/avcenter/venc/data/[email protected]"> http://sarc.com/avcenter/venc/data/[email protected]mm.html</a>
Need Help with this Issue?
We help people with technology! It's what we do.
Schedule an Appointment with a location for help!
Author
Posted by Michal of Data Doctors on April 4, 2003