Worm/Dumaru

[Wim Hamhuis]

What does it do ?

m.v.g.
Wim Hamhuis

 

[Jeroen [_]D]

: What does it do ?
:
: m.v.g.
: Wim Hamhuis

You can find that out on any anti-virus software manufacterer's site.

 

[Gabriele Neukam]

On that special day, Wim Hamhuis, ([email protected])
said...

What does it do ?

Tell you to install it, and then send itself per mail to others. It is a
very stupid worm.


Gabriele Neukam

(e-mail address removed)

 

[David H. Lipman]

There are several Internet worms masquerading as Microsoft patches. The most common are;
Swen, Dumaru, Gibe and Torvil.

Specifics on Dumaru found at: http://vil.nai.com/vil/content/v_100560.htm


All you can do is...

1. Keep your AV package up-to-date
2. Create email "rules" to auto-delete the offending messages
3. Petition your ISP to install AV software on their respective email servers.
4. Change your email address
5. Install *all* Critical Updates via the Windows Update web site.

Dave


| What does it do ?
|
| m.v.g.
| Wim Hamhuis

 

[FromTheRafters]

What does it do ?

Mass mailing clicky-worm.

Infects as well as infests. Uses a 'companion-like' method of
infection. Whereas Klez.h would infect by renaming the target
file and placing a copy of itself in its place, this one moves the
target's original code (or at least it attempts to) into an alternate
data stream (on NTFS) and attempts to execute that code
after its own so that the user would be none the wiser. It is
also a password stealer dropper.