Welcome to P2PNET.net - The original daily p2p and digital news site. Always First!
Register | Login
RIAA News
Cool Stuff
MPAA News
Games / Consoles
News
Music
Movies
TV
Open Source
Mobiles
Advertising
Product News
P2P
Off Topic
Freedom
Politics
Interviews
Security
DRM
Links
Kids and Kartels
Search: 
Search
 
Web P2PNET   
   Search: 
Search
Torrent Site Tracker
MP3Rocket
 
Add real-time p2pnet headlines to YOUR site ! Click here to download our newsfeed code

Netsky.c – the new bug in town

p2pnet.net News:- A new worm with a taste for p2p networks has made an appearance.

With Mydoom and its variations firmly established, and with the self propagating MyDoom.F as the latest, Netsky.C, also called Moodown.C, arrived on the Net yesterday and, “has been improved comparing to previous variants of the worm,” says F-Secure.

Netsky.c doesn’t open backdoor Internet access to the infected computer, “but will execute a beeping sound on infected computers if the date is February 26, 2004, between the local time of 6 a.m. and 9 a.m,” says ZDNet here.

“It will also attempt to remove copies of the MyDoom.a, MyDoom.b, Netsky.a, and Netsky.b worms, if the machine has previously been infected with those worms. Netsky.c affects only Windows users; Linux, Mac OS, and Unix users are not affected. Because this worm spreads via e-mail and networked shared files and could congest e-mail servers with excess traffic, Netsky.c rates a 6 on our Virus Meter.”

Netsky.C spreads itself in e-mails inside a ZIP archive or as an executable attachment, and also copies itself to shared folders of all available drives, says F-Secure, “This allows the worm to spread in P2P (peer-to-peer) and local networks.

The subject of infected messages include:

Delivery Failed; oh; Status; report; question; trust me; hey; Re: excuse me; read it immediatelly [sic]; hi; Re: does it?; Yep; important; hello; ear; Re: unknown; fake?; warning; moin; what’s up?; info; Re: information; Here is it; stolen; private?; good morning; illegal…; error; take it; re:; Re: Re: Re: Re:; you?; something for you; exception; Re: hey; excuse me; Re: hi; Re: does it?; Re: important; Re: hello; believe me; Question; denied!; notification; Re: <5664ddff?$??ยง2>; lol; last chance!; I’m back!; its me; and, notice!

As with previous variants, the worm can use one or two extensions for its attachments, says F-Secure. For the first extension the worm uses .txt, .rtf, .doc and .htm and for the second, .exe, .scr, .com and .pif.

F-Secure provides a NetSky.C worm disinfection utility here and disinfection instructions here.

This entry was posted on Thursday, February 26th, 2004 at 7:54 pm and is filed under Uncategorized. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

HOME

Viewed 1368 times

« previous Net kiddie porn ring smashed
Microsoft’s Japanese HQ raided next »

Leave a Reply

Please no Spam, flaming (attacking others), trolling, and posting off-topic. Thanks.

    Advertisements
TekSavvy


Remove Spyware with AntiSpyware for Windows®