Здрасти банда, След като тази гад се промъкна до LUG-BG снощи, днес се разрових по мрежата и ви пращам кратко описание, тъй като в списъка има доста хора, използващи MUA под Win. Червейчето е ново, спамърско и гадно, но за късмет троянската му част май не работи.
С три думи - Update antivirus software! Докато не са ви изпищяли потребителите... Mass-mailing worm [EMAIL PROTECTED] is kicking up a storm, as its expiry date of January 28th is multiplying fears among security experts, who believe that more robust versions of the worm could be slated for release soon The worm accesses remote Web sites and sends emails to any address that it can find. It also appears that the writer originally intended to incorporate a backdoor functionality into the worm. However, due to certain bugs in the code, the backdoor feature fails to function. W32.Beagle has already started to spread rapidly across networks in Australia, with Symantec classifying the worm's geographical distribution as ‘high’. The worm is bundled in an email, which has the following characteristics: The worm arrives in an e-mail file attachment with a randomly generated name and EXE extension. E-mail messages containing the worm have the subject "Hi" and a message body that reads: "Test =)" followed by some randomly generated characters and then "Test, yep," said F-Secure Corp. of Helsinki. Subject: Hi Filename: .exe File size: 15,872 bytes Also known as WORM_BAGLE.A (Trend Micro), it affects Windows versions 2000, 95, 98, Me, NT, XP and Server 2003. However, DOS, Linux, Macintosh, Microsoft IIS, OS/2, UNIX, and Windows 3.x users will not be affected. When the worm is executed, it inserts the file %System%beagle.exe, and snoops for activity on port 6777. Bagle spreads via e-mail using its own SMTP engine. It generates a list of addresses to send itself to by scanning and searching .wab, .txt, .htm, and .html files on an affected machine. It also uses these addresses in order to 'spoof' the 'From' address. Users who suspect that their machines may be infected with the virus should look for a file called bbeagle.exe in their Windows System directory. The file disguises itself with Microsoft's familiar calculator icon. Antivirus sites like Computer Associates, Network Associates, and Symantec, have posted software updates as well as manual removal instructions to counter the threat. ============================================================================ A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers). http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html ============================================================================