[Dshield] Re: [Full-Disclosure] new msblaster on the loose?
devon at lithiumnode.com
Wed Aug 13 18:28:35 GMT 2003
"The executable for this variant is named Penis32.exe."
On Wed, 13 Aug 2003, David Vincent wrote:
> anyone else seeing this?
> New version of Blaster worm on the loose
> By INQUIRER staff: Wednesday 13 August 2003, 16:51
> KASPERSKY LABS claimed this afternoon that there's already a new version of
> the Blaster/Lovesan worm on the loose.
> And it says that's likely to mean a repeat of the outbreak we've seen during
> this week. The new variety of Lovesan exploits the same vulnerability.
> Kaspersky says that the number of infected systems is around the 300,000
> mark, and the new variety may double this number.
> "In the worst case, the world community can face a global Internet slow down
> and regional disruption... to the World Wide Web," said Eugene Kaspersky,
> head of the labs.
> The new variety uses the name TEEKIDS.EXE instead of MSBLAST.EXE, different
> code compression, and different signatures in the body of the worm. µ
> David Vincent CNA/MCSE
> Network Administrator
> david.vincent at mightyoaks.com
> MIGHTY OAKS WIRELESS SOLUTIONS INC.
> 209-3347 Oak Street
> Victoria, B.C. Canada V8X 1R2
> Phone: 250.386.9398 Fax: 250.386.9399
> Pager: 250.380.4575 Cell: 250.884.3000
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
More information about the list