VIRUS - worm_mimail.a

[spidey07]

Seems to be running pretty rampant. As alwas don't open attachements you don't know about.

This time attachment is MESSAGE.ZIP and contains an HTML file that exploits a IE vulnerabilities. Looks like it hit around 11:30 AM EST.

Delete it.

http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_MIMAIL.A

 

[Regs]

Thanks for the look out. I also have a warning about a virus at work, they never tell us which virus though!

 

[Rogue]

Yeah, althought I'm not working there right now, our network is getting hammered with it apparently. Oh well, I'm not the SA so I don't have to deal with it. I am a bit upset though. That network is my baby and I've left it in someone else's care and now it's sick.

 

[T3C]

thnaks for the heads up

 

[guyver01]

<bump>

this is a biggie.

http://us.mcafee.com/virusInfo/default.asp?id=description&virus_k=100523

http://securityresponse.symantec.com/avcenter/venc/data/w32.mimail.a@mm.html

 

[friedpie]

we got hit at work with it. i couldn't send or receive email all day. i want to just slap some of the people at work silly for opening attachments.

 

[Schadenfroh]

/updates avg

 

[all168]

some workstations at my work already infected with this virus and the most important is the send's name is "admin@MYCOMPANY.com and mycompany is really my company's name. We have norton antivirus installed and only the 8/1/2003 virus definition will able to detect it, not even the 7/30/2003 one. Be carefull.

 

[spidey07]

Last bump. Pretty nasty one. Only the latest pattern files from yesterday afternoon will catch it.

It searches your entire hard drive for e-mail addresses and spams the heck out of them. Capable of filling up a T3 - it did ours.

 

[her209]

Wow. Just wow.

 

[spidey07]

Oh,

And all of our mail is scanned at least 6 times before it hits a desktop.

Internet E-mail - scanned by two separate e-mail scubbers before it even gets to our SMTP gateway.
Scanned on the SMTP gateway
Scanned on the MTA
Scanned on the mailbox servers
Scanned on the PC.

Still got thru because the patter files weren't out yet. We just don't get viruses, but this one made it.

 

[rh71]

Why is this such a big deal? From what I can tell, all it does is email more and more people... nothing malicious.. or did I miss something?

I received the "admin" email at my work inbox and saw the message.zip. Didn't open it though... apparently someone on our network did...

But again, all it does is email more people with it, am I wrong ?

 

[LordRaiden]

How hard you guys getting hit with this virus? We haven't seen but a slight trickle coming into our virus scanning system so far. Thankfully this is nothing like the raping our mail system got when bugbear, klez, and lovebug hit, so I hope that this doesn't get too big.

 

[spidey07]

Originally posted by: LordRaiden
How hard you guys getting hit with this virus? We haven't seen but a slight trickle coming into our virus scanning system so far. Thankfully this is nothing like the raping our mail system got when bugbear, klez, and lovebug hit, so I hope that this doesn't get too big.

With an address book of 15000 names it generated a TON of e-mail.

 

[Tab]

God why do people make sutff like this. Why do people even open things like this anyway. Any have decent computer user should know if its a email you dont know about and comes with a strrange attachment. DONT OPEN IT!

 

[rh71]

Originally posted by: spidey07

Originally posted by: LordRaiden
How hard you guys getting hit with this virus? We haven't seen but a slight trickle coming into our virus scanning system so far. Thankfully this is nothing like the raping our mail system got when bugbear, klez, and lovebug hit, so I hope that this doesn't get too big.

With an address book of 15000 names it generated a TON of e-mail.

There are applications that send out that much email purposely...

 

[minendo]

My server and the schools mail server just got nailed. This is a mess.

 

[MrYogi]

Originally posted by: minendo
My server and the schools mail server just got nailed. This is a mess.

same here in oklahoma

 

[chiwawa626]

I always feel like im missing out, i never have encoutnered any of these big viruses and stuff that are reported on teh news and online...hmph :-\

 

[OulOat]

Yeah, I got an email with this virus. The bad thing about it was it was the admin from our college that sent it.

 

[Shuxclams]

Originally posted by: chiwawa626
I always feel like im missing out, i never have encoutnered any of these big viruses and stuff that are reported on teh news and online...hmph :-\

Want one?










SHUX

 

[Confused]

Originally posted by: OulOat
Yeah, I got an email with this virus. The bad thing about it was it was the admin from our college that sent it.

Originally posted by: all168
some workstations at my work already infected with this virus and the most important is the send's name is "admin@MYCOMPANY.com and mycompany is really my company's name. We have norton antivirus installed and only the 8/1/2003 virus definition will able to detect it, not even the 7/30/2003 one. Be carefull.

Will have to check for this at work tomorrow, hopefully it won't spread around too much


Confused

 

[HappyPuppy]

The Russkies are attacking! The Cold War isn't over, it has merely changed form.

It's a good thing we have a proactive Pres. GW won't be afraid to push the button.:Q

 

[MrYogi]

Originally posted by: OulOat
Yeah, I got an email with this virus. The bad thing about it was it was the admin from our college that sent it.

it is not from the admin. it just appears to have come from the admin

 

[Trygve]

I haven't seen much from this one yet. I got six copies in a two-hour timespan on Friday afternoon, then four more in a half-hour period this afternoon, but that's it. Hardly a blip as these things go. By comparison, when that "Install this Microsoft patch" virus was peaking, I was getting 20-40 copies per hour continuously throughout the day.

I'm amazed at how successful a virus can be just by relying upon the stupidity of its recipients.