Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

New Lovegate worm spreading

  • 06-07-2004 12:04pm
    #1
    Sposs
    Registered Users, Registered Users 2 Posts: 2,472 ✭✭✭


    A new version of the Lovegate worm has begun
    infecting computers worldwide, including those
    belonging to several Fortune 500 companies,
    according to a statement from antivirus firm
    McAfee Inc. Like its predecessors, Lovegate.ad@MM
    is a mass-mailing worm that spreads through
    e-mail and network file sharing and by exploiting
    a previously disclosed vulnerability in the
    remote procedure call interface in multiple
    Windows versions.

    http://computerworld.com/securitytopics/security/virus/story/0,10801,94290,00.html


Comments

  • #2
    Capt'n Midnight
    Moderators, Recreation & Hobbies Moderators, Science, Health & Environment Moderators, Technology & Internet Moderators Posts: 93,567 Mod ✭✭✭✭Capt'n Midnight


    http://vil.mcafeesecurity.com/vil/averttools.asp#stinger
    stinger v 2.3.0 - says lovegate - but does not say which version(s) 5/7/04

    http://www.sophos.co.uk/virusinfo/analyses/w32lovgatef.html

    W32/Lovgate-F is a mass mailing and network worm. When started the worm copies itself to the root folder as COMMAND.EXE, to the Windows folder as SYSTRA.EXE and to the Windows system folder as IEXPLORE.EXE...

    W32/Lovgate-F also creates a file AUTORUN.INF in the root folder ...This worm may also drop itself into the Windows system folder using a random name.

    W32/Lovgate-F spreads by email. Email addresses are harvested from WAB, TXT, HTM, SHT, PHP, ASP, DBX, TBB, ADB and PL files found on the system. This worm will spoof the sender's email address.


    (a different variant)
    W32/Lovgate-AD copies itself to the KaZaA shared folder with a random name.


  • #3
    tman
    Closed Accounts Posts: 16,339 ✭✭✭✭tman


    heh, i think the computers here are getting raped by it as we speak...


Advertisement