Scoop has an Ethical Paywall
Licence needed for work use Learn More

Video | Business Headlines | Internet | Science | Scientific Ethics | Technology | Search

 

Symantec Security Response - W32.Novarg.A@mm Updat

Symantec Security Response - W32.Novarg.A@mm (also known as Novarg, Shimgapi, W32/Mydoom@MM and Win32/Shimg) update

Symantec Security Response has been continuing to track W32.Novarg.A@mm (also known as Novarg, Shimgapi, W32/Mydoom@MM and Win32/Shimg) and has noticed significant new activity surrounding the threat:

Symantec's Threat Management System is seeing activity targeting port 3127. This indicates that attackers have begun scanning for and are potentially compromising infected systems. They are targeting the backdoor on this port, which can allow them to upload new malicious code as well as use the infected system to launch further attacks and forward SPAM email. To date Symantec has seen 2,000 unique sources scanning for this port.

To date, Symantec Security Response has received 4,800 submissions worldwide of W32.Novarg.A@mm. Symantec Security Response has witnessed a spike in submissions in the last three hours of W32.Novarg.A@mm, bringing submissions back up to a 100-140 per hour rate. Prior to this spike, the submissions had leveled off to 80 per hour in the last 15 hours. Symantec Security Response is continuing to research and monitor the spike.

Symantec Security Response has confirmed there is a variant of W32.Novarg.A@mm, W32.MyDoom.B@mm and has rated it a Level 2 threat. W32.MyDoom.B@mm is a mass-mailing worm that arrives as an attachment. It performs a denial of service attack on www.sco.com and www.microsoft.com and allows unauthorized remote access to the compromised host.

ENDS


Advertisement - scroll to continue reading

© Scoop Media

Advertisement - scroll to continue reading
 
 
 
Business Headlines | Sci-Tech Headlines

 
 
 
 
 
 
 
 
 
 
 
 
 

Join Our Free Newsletter

Subscribe to Scoop’s 'The Catch Up' our free weekly newsletter sent to your inbox every Monday with stories from across our network.