Thursday, August 12, 2004

McAfee Warns On New Virus

What is it?

W32/ is a Medium Risk mass-mailing worm that tries to open a hacker backdoor on your PC.

Launched by code hidden inside a ZIP attachment, the virus spreads by emailing itself to stolen contacts and via popular file-sharing programs such as KaZaa, Bearshare and Limewire. It also tries to terminate anti-virus and other security software operation.

Up-to-date McAfee VirusScan users with DAT 4384 are protected from this threat.

Note: To fortify anti-virus defense against viruses that carry backdoor payloads, we recommend installing McAfee Personal Firewall Plus.

What should I look for?

FROM: Varies (spoofed)
BODY: Examples: new price, The password is, Password:
ATTACHMENT: Examples:,,

How do I know if I've been infected?

Communication Port 80 (TCP) open. Outgoing messages with noted body content and ZIP attachments.

Why am I receiving so many alerts?

It's our policy to notify McAfee customers or those who have opted-in to receive alerts of new viruses or serious variants (e.g., W32/, which often come in waves.

How do I find out more?

View details about W32/ here.

Links to this post:

Create a Link

<< Home