New variants of the Netsky and Blaster worms are spreading fast overseas, warn anti-virus vendors.
"Our labs in Australia started receiving reports of Netsky.X last night, and the labs in the UK are receiving reports of Blaster.G in the wild today," says Brett Myroff, CEO of local Sophos distributor Netxactics.
Ryan Price, CEO of local F-Secure distributor Y3K, says Netsky.X is spreading mostly in
Europe via e-mails in several different languages. The attachment file`s extension is always ".pif".
Netsky.X, with a backdoor functionality similar to that of Netsky.Y, arrives via e-mail with the subject line "delivery failure notice". It harvests e-mail addresses and forwards itself.
Between 27 and 31 April 2004 the worm will continuously request Web pages from the following sites: www.nibis.de; www.medinfo.ufl.edu and www.educa.ch.
The Blaster.G worm uses the Internet to exploit a vulnerability in the Remote Procedure Call (RPC) service to spread to as many PCs as possible. It apparently infects computers running Windows 2003, XP, 2000 and NT. It is designed to launch denial of service attacks against the windowsupdate.com Web site.
Share