New Email Worm with Backdoor Capabilities!

Question

Symantec response reports [email protected] level 2 email worm with backdoor capabilities found on 4-2-03!

Answer

This question was answered on April 4, 2003. Much of the information contained herein may have changed since posting.

[email protected] is an email worm that has backdoor capabilities It uses its own SMTP engine to send itself to randomly generated recipient names at these domains:

        -email.com

        -earthlink.net

        -roadrunner.com

        -yahoo.com

        -msn.com

        -hotmail.com

The email message has the following characteristics:

Subject: Hi, I sent you an eCard from BlueMountain.com

Message:

Hi , I sent you an eCard from Blue-Mountain.com To view your eCard, open the attachment

If you have any comments or questions, please visit http:/ /www.bluemountain.com/customer/index.pd

Thanks for using BlueMountain.com.

Attachment: BlueMountaineCard.pif

All Windows operating systems are affected.

Get complete instruction on protection and removal from Symantec at:

<a href= "http://sarc.com/avcenter/venc/data/[email protected]"> http://sarc.com/avcenter/venc/data/[email protected]mm.html</a>

Need Help with this Issue?

We help people with technology! It's what we do.
Schedule an Appointment with a location for help!

Author

Posted by Michal of Data Doctors on April 4, 2003