It has come to our attention that our corporate email addresses are being used to send out SPAM and or Junk Emails by individuals making it look like we sent the email ourselves.

From Symantec.com:
W32.Mydoom.A@mm (also known as W32.Novarg.A) is a mass-mailing worm that arrives as an attachment with the file extension .bat, .cmd, .exe, .pif, .scr, or .zip.

When a computer is infected, the worm sets up a backdoor into the system by opening TCP ports 3127 through 3198, which can potentially allow an attacker to connect to the computer and use it as a proxy to gain access to its network resources.

In addition, the backdoor can download and execute arbitrary files.

There is a 25% chance that a computer infected by the worm will perform a Denial of Service (DoS) on February 1, 2004 starting at 16:09:18 UTC, which is also the same as 08:09:18 PST, based on the machine's local system date/time. If the worm does start the DoS attack, it will not mass mail itself. It also has a trigger date to stop spreading/DoS-attacking on February 12, 2004. While the worm will stop on February 12, 2004, the backdoor component will continue to function after this date.

Taken from Symantec.com [http://securityresponse.symantec.com/avcenter/venc/data/w32.mydoom.a@mm.html]

Please update your virus programs and we strongly suggest using MailWasher Pro [http://www.firetrust.com/index.php]

back