Here We Go Again: Worm Novarg.A

[ViRGE]

This is just a reminder to everyone that you need to be on the lookout for a new worm, and update your virus definitions accordingly as they become availible. Symantec is tracking a new worm, W32.Novarg.A@mm, a mass-mailing worm that's currently a Cat4 on Symantec's scale. It's commonly arriving as an attachment called "text.zip", which has an executable inside of it(cmd extension, a Windows NT command script, oddly enough). I've already recieved 3 copies in 30 minutes and more are likely on their way.

 

[conjur]

Why people open .ZIP files from unknown senders is just beyond me.

 

[ViRGE]

It's not the unknown senders that get people, it's the known senders. The first one I got a copy from had my editor's email address on it.

 

[Night201]

Within the past hour, I've received 3 emails with a 22kb .zip file. Is this it?

 

[MrDudeMan]

Originally posted by: conjur

Why people open .ZIP files from unknown senders is just beyond me.

dude, you need to understand what it does before you start

 

[MrDudeMan]

Originally posted by: Night201
Within the past hour, I've received 3 emails with a 22kb .zip file. Is this it?

no idea, but its highly likely

 

[thirtythree]

I keep seeing these threads but I haven't gotten a single one on my e-mail where's the sign up?

 

[ViRGE]

Originally posted by: Night201
Within the past hour, I've received 3 emails with a 22kb .zip file. Is this it?

Yes. It comes out to 22,528 bytes.

 

[conjur]

Originally posted by: ViRGE
It's not the unknown senders that get people, it's the known senders. The first one I got a copy from had my editor's email address on it.

But it had to start somewhere, eh?

 

[Jzero]

Initial submissions have been received with file extensions of .exe, .pif, .scr, and .zip.

Not .cmd, though.
If you find documentation that says .cmd is one, please post here! Need to update my filter!!!

It's good practice to never open UNEXPECTED attachments no matter who sent them. If you know the sender, it's easy enough to ask them if they meant to send the file....

 

[CraigRT]

Originally posted by: conjur

Why people open .ZIP files from unknown senders is just beyond me.

i hear you, but the same dumbasses will ask.. "but how would i know?"

i mean honestly... LOL..... just don't open anything!!!!!!

 

[konichiwa]

Originally posted by: conjur

Why people open .ZIP files from unknown senders is just beyond me.

Opening ZIP files can't do anything, it's running the .cmd, .bat, .exe, etc files inside that baffles me!

 

[ViRGE]

Originally posted by: Jzero

Initial submissions have been received with file extensions of .exe, .pif, .scr, and .zip.

Not .cmd, though.
If you find documentation that says .cmd is one, please post here! Need to update my filter!!!

It's good practice to never open UNEXPECTED attachments no matter who sent them. If you know the sender, it's easy enough to ask them if they meant to send the file....

I've got a copy with .cmd in my inbox, it's inside of a .zip though.

 

[markjrubin]

I've received 3 in the last 20 minutes too.

 

[Jzero]

Originally posted by: ViRGE

Originally posted by: Jzero

Initial submissions have been received with file extensions of .exe, .pif, .scr, and .zip.

Not .cmd, though.
If you find documentation that says .cmd is one, please post here! Need to update my filter!!!

It's good practice to never open UNEXPECTED attachments no matter who sent them. If you know the sender, it's easy enough to ask them if they meant to send the file....

I've got a copy with .cmd in my inbox, it's inside of a .zip though.

Can't block .zip b/c we need to receive those, but my filter is smart enough to search IN zips (and other archives!). I'll add .cmd to my list....

 

[XZeroII]

Email attachments should be banned

 

[Night201]

^

 

[RossMAN]

I've only received a few e-mails from co-workers and I deleted them all.

This is going to wreak havoc on corporate, educational and government e-mail infrastructures.

 

[PlatinumGold]

i got an email from someone i know, and i was EXPECTING to get an attachment.

i didn't even open the attachment i only previewed it.

god i hate these virus people.

 

[OZEE]

^ Keep up there -- this one's gonna be bad...

 

[konichiwa]

stop bumping this people, there's already another sticky...

 

[OZEE]

Sorry about the repost --

Never saw it -- there are so many stickies that I just skip over them...

 

[SagaLore]

Originally posted by: MrDudeMan

Originally posted by: conjur

Why people open .ZIP files from unknown senders is just beyond me.

dude, you need to understand what it does before you start

Are you saying Conjur doesn't know how this virus works, or are you making a joke about people who open attachments?

 

[Vic]

Our office got hit with this one this afternoon and (of course) some people opened the attachment and even the files inside

Luckily though, we're pretty well secured here (our head IT guy is very good -- I don't work in IT), so I don't think this will be much more than just an annoyance for us.