Fwd: [unisog] MyParty
Christopher E. Cramer
chris.cramer at duke.edu
Mon Jan 28 22:05:27 GMT 2002
> On Mon, 28 Jan 2002, Bob Ono wrote:
> > Andy,
> > We have not seen this version of the MyParty worm. Can you provide
> > additional information as to how it is related to the MyParty virus - same
> > attachment names? Is there any unique characteristic to this new flavor?
> > Thanks.
> > Bob
> Sorry, folks. False alarm. I was working from second-hand reports.
> I've just come back from some house calls to the actual victims and it
> looks like we have a SirCam outbreak coincident with the debut of MyParty.
> There is only the one "mild" flavor of MyParty out there, the rest is
> Actually, there was a PC that had both SirCam and Magister.B, though the
> Magister infection was incomplete (having been blocked by SirCam).
actually, there is a second version which (according to McAfee) installs a
backdoor on the system. You can find machines infected with this version
by looking for machines trying to communicate with 184.108.40.206.
More information about the unisog