New Email Worm with Backdoor Capabilities!

Symantec response reports W32.HLLW.Cult.C@mm level 2 email worm with backdoor capabilities found on 4-2-03!

This question was answered on April 4, 2003. Much of the information contained herein may have changed since posting.

---

W32.HLLW.Cult.C@mm is an email worm that has backdoor capabilities It uses its own SMTP engine to send itself to randomly generated recipient names at these domains:

        -email.com

        -earthlink.net

        -roadrunner.com

        -yahoo.com

        -msn.com

        -hotmail.com

The email message has the following characteristics:

Subject: Hi, I sent you an eCard from BlueMountain.com

Message:

Hi , I sent you an eCard from Blue-Mountain.com To view your eCard, open the attachment

If you have any comments or questions, please visit http:/ /www.bluemountain.com/customer/index.pd

Thanks for using BlueMountain.com.

Attachment: BlueMountaineCard.pif

All Windows operating systems are affected.

Get complete instruction on protection and removal from Symantec at:

<a href= "http://sarc.com/avcenter/venc/data/[email protected]"> http://sarc.com/avcenter/venc/data/w32.hllw.cult.c@mm.html</a>

About the author

Posted by Michal of Data Doctors on April 4, 2003

Need Help with this Issue?

We help people with technology! It's what we do.
Contact or Schedule an Appointment with a location for help!