Symantec response reports W32.HLLW.Cult.C@mm level 2 email worm with backdoor capabilities found on 4-2-03!
This question was answered on April 4, 2003. Much of the information contained herein may have changed since posting.
W32.HLLW.Cult.C@mm is an email worm that has backdoor capabilities It uses its own SMTP engine to send itself to randomly generated recipient names at these domains:
    -email.com
    -earthlink.net
    -roadrunner.com
    -yahoo.com
    -msn.com
    -hotmail.com
The email message has the following characteristics:
Subject: Hi, I sent you an eCard from BlueMountain.com
Message:
Hi , I sent you an eCard from Blue-Mountain.com To view your eCard, open the attachment
If you have any comments or questions, please visit http:/ /www.bluemountain.com/customer/index.pd
Thanks for using BlueMountain.com.
Attachment: BlueMountaineCard.pif
All Windows operating systems are affected.
Get complete instruction on protection and removal from Symantec at:
<a href= "http://sarc.com/avcenter/venc/data/[email protected]"> http://sarc.com/avcenter/venc/data/w32.hllw.cult.c@mm.html</a>
About the author
Posted by Michal of Data Doctors on April 4, 2003
Need Help with this Issue?
We help people with technology! It's what we do.
Contact or Schedule an Appointment with a location for help!