புதிய வைரஸ் மை டோம் அல்லது நோவார்க் (My Doom or Novark)

[Guest]

[size=18]<b>புதிய வைரஸ் மை டோம் அல்லது நோவார்க் (My Doom or Novark)</b>

இந்த மின்கிருமி (வைரஸ்) பல கணணிகளை தாக்கி இருக்கின்றது இன்னும் தாக்கி கொண்டிருக்கின்றது.

இந்த மின்கிருமி பற்றிய மேலும் விபரங்கள் இதோ ....

பெயர்: மை டோம்(My Doom), நோவார்க்(Novark) மற்றும் பல

எப்படி தாக்குகிறது: மின்னஞ்சல் மூலம்

எப்படி தடுப்பது: முகம் தெரிந்த/தெரியாத மின்னஞ்சலில் வரும் கோப்புகளை திறக்காதீர்கள்

எப்படி சோதிப்பது: உங்கள் கணணியை பரிசோதிக்கும் இலவச மென்பொருளை முன்ணணி கணணி பாதுகாப்பு நிறுவனமான Symantec இருந்து பெற்று கொள்ளலாம்.

இதோ இணைய முகவரி: http://securityresponse.symantec.com/avcen...moval.tool.html


மேலதிக விபரங்களுக்கு கீழே இணைக்கப்பட்டுள்ள செய்திகளை பார்க்கவும். இந்த விபரங்கள் கூட அவற்றிலிருந்து எடுக்கப்பட்டவை தான். அனைத்தையும் மொழி பெயர்க்க நேரம் கிடைக்கவில்லை மன்னிக்கவும்.

[Guest]

<span style='font-size:25pt;line-height:100%'>Mydoom virus 'biggest in months'</span>


Computer users are advised to update anti-virus software
A computer virus spread via e-mail has been described by security experts as the "largest virus outbreak in months".
The malicious worm, called Mydoom or Novarg, has clogged networks and may allow unauthorised access to computers.

It arrives as an e-mail attachment in a text file which sends itself out to other e-mail addresses if opened.

Security experts MessageLabs said, at its peak, one in 12 e-mails carried the worm. It has now stopped more than 1.5 million copies of it.

It said this latest rapidly-spreading worm is bigger and faster than Sobig.F, the virus which crippled inboxes and networks last August, and it shows little sign of slowing.

"Sobig, at its peak, infected one in every 17 e-mails, causing many internet relays to become severely clogged," Mark Sunner, chief technology officer at MessageLabs told BBC News Online.

"Mydoom has now surpassed this, infecting an incredible one in every 12 e-mails, and so the impact of this latest virus may be very serious for affected e-mail users."

Fast harvester

The virus, which is also spread through file-sharing networks, is particularly malicious because it may open a "back door" to computers.

This is a piece of software which is deposited on a computer's hard drive if the attachment is opened. It listens to commands sent remotely over the net and acts on them.

Many of the e-mails look like they have been sent from organisations like charities or educational institutions, to fool recipients into opening it.

MYDOOM DETAILS
From: random e-mail address
To: address of the recipient
Subject: random words
Message body: several different mail error messages, such as: Mail transaction failed. Partial message is available
Attachment (with a textfile icon): random name ending with ZIP, BAT, CMD, EXE, PIF or SCR extension
When a user clicks on the attachment, the worm will start Notepad, filled with random characters
"Mydoom works by harvesting e-mail addresses from the infected computer, and randomly chooses from these the address identified as the next sender," explained Mr Sunner.

"The sender is therefore falsified in the Mydoom virus, so it is impossible for the recipient to actually tell where the e-mail has really come from."

Thousands of e-mails triggered by the worm, which only affects computers using Microsoft Windows, were bombarding networks within hours of its discovery on Monday.

The worm is similar to 2003's Bugbear and Sobig in the way it spreads, Symantec's Kevin Hogan explained to BBC News Online.

"It is a very simple example. It simply relies on a human to double click on an attachment to run it."

It also seems it will attempt to perform a denial of service attack on SCO from 1 to 12 February, directing infected computers to flood SCO with data, he said.

SCO is a Unix vendor which has been in the news recently because it has claimed that key parts of the open-source operating system, Linux, are under SCO's copyright.

Last year's Blaster worm attempted a similar attack on Microsoft's website, which was stopped.

Delete and update

The e-mail carrying Mydoom often bears the subject "Test" or "Status". The message inside may read: "The message contains Unicode characters and has been sent as a binary attachment".

PROTECT YOURSELF FROM VIRUSES
Install an anti-virus program.
Keep it up to date
Get the latest patches and updates for your operating system
Never automatically open e-mail attachments
Download or purchase software from trusted, reputable sources
Make backups of important files
"Mydoom can pose as a technical-sounding message, claiming that the e-mail body has been put in an attached file," said Graham Cluley from security firm Sophos.

"Of course, if you launch that file you are potentially putting your data and computer straight into the hands of hackers."

Symantec have advised anyone who has received the worm to avoid opening or double clicking the attachment.

Users should also ensure their anti-virus software is updated, so that if the attachment is opened by accident, the software will catch it.

If anti-virus software does not spot an infection once the attachment is launched, users should download the free tools available to deal with it.

The security firm added if users start getting unusual pop-up messages from their desktop firewall, the chances are the computer has been infected.

Thanx: BBC http://news.bbc.co.uk/1/hi/technology/3432639.stm

[Guest]

மேலும் தகவல்கள் ....

http://news.bbc.co.uk/1/hi/technology/3436835.stm

http://securityresponse.symantec.com/avcen...ovarg.a@mm.html

http://www.cnn.com/2004/TECH/internet/01/2...read/index.html

[shanmuhi]

தகவல்களுக்கு நன்றிகள்.

[Mathan]

<b>இந்த வைரஸ் எழுதுறவனை பிடிச்சு குடுத்தா Microsoft $250,000 காசு குடுப்பாங்களாம்.</b>

Microsoft offers MyDoom reward
Thursday, January 29, 2004 Posted: 11:45 PM EST (0445 GMT)

SEATTLE (Reuters) -- Microsoft Corp. has offered a $250,000 reward for the person responsible for the MyDoom worm, as the reported number of infected computers continues to rise rapidly.

The world's largest software maker said Thursday it would pay the money for information leading to the arrest and conviction of those responsible for unleashing a variant of the malicious software code, called MyDoom.b, which is designed to attack Microsoft's Web site in an apparent attempt to shut it down this weekend.

The Microsoft offer follows a similar $250,000 reward offered by SCO Group, the small software maker suing IBM over the use of code for the Linux operating system.

The first version of the worm was designed to attack the Web site of SCO, which has drawn the ire of Linux advocates.

MyDoom, also known as Novarg or Shimgapi, has infected computers around the globe by enticing users to open a file attachment that releases a program that potentially allows other attackers to gain unauthorized access.

Computer security experts got a little closer to finding the perpetrator, who apparently signed the worm with the name "Andy."

"There's no way to tell if that's the author's real name," said Craig Schmugar, a virus research manager at Network Associates Inc.'s McAfee anti-virus unit.

Schmugar said MyDoom also contained a message from the author, "I'm just doing my job, nothing personal, sorry."

Computers infected by the worm can be turned into launchpads for other attacks.

Security experts warned on Thursday the MyDoom virus would plague e-mail users for some time as it counts down to a mammoth digital attack next week on Microsoft and SCO.

For a fourth consecutive day, Internet service providers and corporations were bogged down by a crush of infected e-mails.

Security experts said as many as one in three e-mails in circulation was triggered by MyDoom.A, making it the fastest spreading Internet contagion ever.

"We are seeing companies struggling with this as they cannot clear the viruses quickly enough," said Graham Cluley, technology consultant for anti-virus and anti-spam firm Sophos Plc. "This one will be with us for a while."

Network Associates said the number of infected computers more than doubled to 400,000 or 500,000 as of Thursday, up from Wednesday's estimate of 100,000 to 200,000 machines.

Computer security vendor Symantec Corp. has detected thousands of attempts to contact infected computers, suggesting they could be used to spawn new attacks.

MyDoom, which is designed to entice the recipient of an e-mail to open an attachment with an .exe, .scr, .zip or .pif extension, are a form of spam, often with official-looking subject lines and addresses, leading many into believing they are from network administrators.

Once hit, the program scours the Web for more computers to infect. MyDoom.A is programmed to send spam e-mails to spread the infection further and marshal an army of infected machines to knock SCO's Web site offline on Sunday.

On Wednesday, a second variant dubbed MyDoom.B, appeared. It spread less quickly, but carried a program timed to unleash attacks on SCO and Microsoft. Also, it prevented access to anti-virus sites where patches for the bug are available.

Computers running any of the latest versions of Microsoft's Windows operating system e-mail program are at risk of being infected, although the worm does not exploit any flaws in Windows or software.

In November, Microsoft offered two $250,000 rewards for tips leading to the arrest of the Blaster and SoBig virus writers.