Worm Acts with mIRC to Allow Remote Access - WinPlanet Windows Software Reviews

You are in the: Small Business Computing Channel

ť ECommerce-Guide | Small Business Computing | Webopedia | WinPlanet |Refer-It

Power Search | Tips

Browsers

Chat / Conferencing

Desktop Utilities

Development

Internet Apps

Multimedia

OS Service Packs

Productivity Tools

Enter a keyword

Newsletters offering Windows news, articles, tips and reviews.

Partners & Affiliates

Small Business Computing

Ecommerce Guide

Webopedia

WinPlanet

WinPlanet / News

Download of the day

• Internet Explorer 8

Most Popular Software Downloads

• Opera

• Internet Explorer 7

• QuickTime for Windows

• Winamp

• Mozilla Firefox 3

• Ad-Aware 2008 Free

• Adobe Flash Player

• Paint Shop Pro

• Adobe Shockwave Player

• AVG Anti-Virus Free

• 7-Zip

Most Popular Software Articles

• Windows Vista Tips & Tricks, Part 1

• Windows Vista: Worthy of the Hype?

• Windows Wireless Zero Configuration: Five Steps to Sanity

Software Reviews

Worm Acts with mIRC to Allow Remote Access
Mass-Mailing Worm Poses as Microsoft Windows Update
Esther Shein

Mass-Mailing Worm Poses as Microsoft Windows Update

Worm_Swen.A is a new mass-mailing worm that poses as a legitimate email from Microsoft Windows Update.

The emails contain an attachment with a random file name that has one of the following file extensions:

COM

SCR

BAT

PIF

EXE

The worm also attempts to propagate via peer-to-peer (P2P) file-sharing networks, such as KaZaA. It can also propagate via IRC and via newsgroups. It terminates running antivirus and firewall software.

This worm uses an old Microsoft Internet Explorer Vulnerability tackled in the Microsoft Security Bulletin (MS01-020) entitled "Incorrect MIME Header Can Cause IE to Execute E-mail Attachment." It sends some of its email messages containing an exploit to this vulnerability, causing the attachments to automatically execute whenever the messages are viewed or previewed in Microsoft Outlook or Outlook Express.

This malware is written and compiled in Microsoft Visual C++, a high-level programming language. It runs on Windows 95, 98, ME, NT, 2000, and XP.

You can view what the emails look like at this Trend Micro page.

News courtesy of eSecurity Planet.

« Previous Page

Contents:
1. One of Several New Worms to Emerge This Week
2. Mass-Mailing Worm Poses as Microsoft Windows Update

Additional Articles:

mIRC 5.31

Let's Chat About Firewall Issues

Search:

Jupitermedia Corporation has two divisions: Jupiterimages and JupiterOnlineMedia

Jupitermedia Corporate Info

Legal Notices, Licensing, Reprints, & Permissions, Privacy Policy.

Advertise | Newsletters | Tech Jobs | Shopping | E-mail Offers

Solutions

Whitepapers and eBooks
Adobe Acrobat Connect Pro: Web Conferencing and eLearning Whitepapers Microsoft Article: Will Hyper-V Make VMware This Decade's Netscape? Avaya Article: Avaya AE Services Provide Rapid Telephony Integration with Facebook Intel Go Parallel Article: Getting Started with TBB on Windows Microsoft Article: 7.0, Microsoft's Lucky Version?		Intel Go Parallel Article: Intel Threading Tools and OpenMP HP eBook: Storage Networking , Part 1 Avaya Article: Speech Sandbox: Application Simulation in Avaya Dialog Designer MORE WHITEPAPERS, EBOOKS, AND ARTICLES

Webcasts
HP Video: StorageWorks EVA4400 and Oracle HP Webcast: Storage Is Changing Fast - Be Ready or Be Left Behind		MORE WEBCASTS, PODCASTS, AND VIDEOS

Downloads and eKits
30-Day Trial: SPAMfighter Exchange Module Red Gate Download: SQL Toolbelt and free High-Performance SQL Code eBook		Iron Speed Designer Application Generator MORE DOWNLOADS, EKITS, AND FREE TRIALS

Tutorials and Demos
Featured Algorithm: Intel Threading Building Blocks - parallel_reduce Silverlight 2 App and Walkthrough: Leverage Silverlight 2 with SQL Server and XML		HP Demo: StorageWorks EVA4400 MORE TUTORIALS, DEMOS AND STEP-BY-STEP GUIDES