Newest email worm reaches high distribution

[SagaLore]

From Zafi-D wishes us Happy Hollydays:

W32/Zafi-D is a mass mailing worm spreading Christmas cheer. It will also spread itself via peer-to-peer networks.

It is observed to be spreading rapidly. More information can be found at Sophos and Symantec which calls it Erkez.D. The payload consists of disabling antivirus services, using the address book to spread itself, and opening up a backdoor on tcp port 8181 to remote attackers. Even if you're blocking all executable attachments at your gateway, this worm will randomly send the infector file inside a zip file.

Of course everyone here knows better not to open unexpected attachments.

 

[The Stigenator]

woot.. but i use thunderbird email client.. so i wont get hit that way.. but i may if i use ares.

 

[Frew]

Originally posted by: TheGoodGuy
woot.. but i use thunderbird email client.. so i wont get hit that way.. but i may if i use ares.

??

 

[SagaLore]

Originally posted by: TheGoodGuy
woot.. but i use thunderbird email client.. so i wont get hit that way.. but i may if i use ares.

I haven't read any descriptions from any of the vendors about this using an exploit, so it really doesn't matter what email client you use. You would still have to try and open the attachment for it to infect you.

 

[SagaLore]

Originally posted by: LeadFrog

Originally posted by: TheGoodGuy
woot.. but i use thunderbird email client.. so i wont get hit that way.. but i may if i use ares.

??

I think that is the mating call of a thunder bird.

 

[n0cmonkey]

Doesn't affect me.

 

[Gravity]

Norton is my friend....been catching a few of these and cleaning them like bleach!!

 

[SagaLore]

Originally posted by: Gravity
Norton is my friend....been catching a few of these and cleaning them like bleach!!

So when you get them they come out bright white? :Q