|
|
| Applications |
| Mailing Lists |
| Miscellaneous |
| Operating Systems |
| Programming |
RE: klez variant??
Date: Fri Jan 31 2003 - 16:10:20 EST
Maybe Sadhound
http://www.sarc.com/avcenter/venc/data/backdoor.sadhound.html http://www.messagelabs.com/viruseye/report.asp?id=130 (read both - they have very different perspectives on this malware)
This had a big outbreak stopped in the Netherlands a few days ago, but it is reportedly still being sent around. It is supposedly not a worm, but is sent manually - the intruder sends it in the guise of spam.
Senders of the trojan are using triple extensions, which bypass many file extension filters and Outlook internal protection features. Sadhound was not picked up by Symantec until today so it could easily have bypassed your AV protection. I have not checked other vendors for the status of their protection.
Just a guess. HTH.
- Jim
-----Original Message-----
From: Peter Snell [mailto:PSnell@daymon.com]
Sent: Thursday, January 30, 2003 13:11
To: Incidents@securityfocus.com
Subject: klez variant??
Has anyone else seen this type of activity lately, or have any thoughts on this?
Thanks,
Peter
Peter Snell, MCP
LAN Admin
Daymon Associates
* (210) 299-8164
* psnell@daymon.com
This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com Received on Sun Feb 2 11:44:29 2003
This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:01:57 EDT
|
Contact Us Legal Notices Order Services Online Pantek Home Privacy Policy IT news Site Map Pantek Library |