Greetings, The topsight security matrix today revealed that the W32.Swen.A@mm is still running rampant at least on our little section of the net. Also today W32.Novarg.A@mm began it's mass mailing and distribution. To read more click the read more link below
Direct from Symantec:
W32.Novarg.A@mm is a mass-mailing worm that arrives as an attachment with the file extension .bat, .cmd, .exe, .pif, .scr, or .zip. When a computer is infected, the worm will set up a backdoor into the system by opening TCP ports 3127 thru 3198. This can potentially allow an attacker to connect to the computer and use it as a proxy to gain access to its network resources. In addition, the backdoor has the ability to download and execute arbitrary files.
The worm will perform a DoS [On SCO.COM]starting on February 1, 2004. It also has a trigger date to stop spreading on February 12, 2004. *
Also wired.com posted an associated press article on the new worm which is avalable here
For an in depth analysis of this new mass mailing virus/worm/mass mailing trojan click here
Topsight.net
http://www.topsight.net/article.php/20040127113726121