kronas
26-01-2004, 18:45
a new virus has hit the web, and affects all windows operating systems except 3x, the infection occours through an email with a a zip file, the file contained in the zip is called 'myphoto.jpg.exe' once the zip file is opened, the virus scans the machine for email addresses and emails itself to those addresses.
additionally any information copied to the windows clipboard, will be stored in a file 'rundllx.sys' once the log files have become a sizeable amount, it will email the files to a 'unknown address'.
the virus also creates a backdoor on ports 2283 and 10000 allowing DOS attacks to be relayed or attack the machine itself.
this particular virus also installs a keylogger, and specifically looks for passwords relating to the site 'e-gold.com' the worm seems to only log passwords for that site only, but as a precuationary measure users are urged to update there virus definitions.
http://securityresponse.symantec.com/avcenter/venc/data/w32.dumaru.z@mm.html
additionally any information copied to the windows clipboard, will be stored in a file 'rundllx.sys' once the log files have become a sizeable amount, it will email the files to a 'unknown address'.
the virus also creates a backdoor on ports 2283 and 10000 allowing DOS attacks to be relayed or attack the machine itself.
this particular virus also installs a keylogger, and specifically looks for passwords relating to the site 'e-gold.com' the worm seems to only log passwords for that site only, but as a precuationary measure users are urged to update there virus definitions.
http://securityresponse.symantec.com/avcenter/venc/data/w32.dumaru.z@mm.html