[Dshield] new msblaster on the loose?
CraigS at caamb.mb.ca
Wed Aug 13 17:46:27 GMT 2003
Trend and Symantec have both reported a new variant.
craigs at caamanitoba.com
From: David Vincent [mailto:david.vincent at mightyoaks.com]
Sent: 13-Aug-03 12:23
To: DShield List (E-mail); 'Full-Disclosure (E-mail); Incidents (E-mail)
Subject: [Dshield] new msblaster on the loose?
anyone else seeing this?
New version of Blaster worm on the loose
By INQUIRER staff: Wednesday 13 August 2003, 16:51
KASPERSKY LABS claimed this afternoon that there's already a new version of
the Blaster/Lovesan worm on the loose.
And it says that's likely to mean a repeat of the outbreak we've seen during
this week. The new variety of Lovesan exploits the same vulnerability.
Kaspersky says that the number of infected systems is around the 300,000
mark, and the new variety may double this number.
"In the worst case, the world community can face a global Internet slow down
and regional disruption... to the World Wide Web," said Eugene Kaspersky,
head of the labs.
The new variety uses the name TEEKIDS.EXE instead of MSBLAST.EXE, different
code compression, and different signatures in the body of the worm. µ
David Vincent CNA/MCSE
david.vincent at mightyoaks.com
MIGHTY OAKS WIRELESS SOLUTIONS INC.
209-3347 Oak Street
Victoria, B.C. Canada V8X 1R2
Phone: 250.386.9398 Fax: 250.386.9399
Pager: 250.380.4575 Cell: 250.884.3000
list mailing list
list at dshield.org
To change your subscription options (or unsubscribe), see:
More information about the list