Nuwar Mass Mailer - Avoid Missile Strike/Political emails
This new mass mailer email worm is circulating extensively and is a
sophisticated attack (includes
rootkit concepts, downloading of additional malware agents, and setting up it's own network of infected users).
I have seen a few copies in my personal email, so this new attack is out there and is being circulated extensively.
Some links include: ISC: Avoid Missile Strike/War Themed emails http://isc.sans.org/diary.html?storyid=2586 McAfee: Nuwar Variant - DAT 5005 offers best protection http://vil.nai.com/vil/content/v_140835.htm Trend Micro: WORM_NUWAR.AOK http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM%5FNUWAR%2EAOK&VSect=T F-Secure: Zhelatin.CQ http://www.f-secure.com/v-descs/email-worm_w32_zhelatin_cq.shtml W32.Mixor.AR http://www.symantec.com/enterprise/security_response/writeup.jsp?docid=2007-040904-0940-99&tabid=2 Sophos - W32/Dref-AF http://www.sophos.com/security/analyses/w32drefaf.html
|
MAIL TO BLOCK OR AVOID:
Subject:
• Iran Just Have Started World War III
• Israel Just Have Started World War III
• Missle Strike: The USA kills more then 1000 Iranian citizens
• Missle Strike: The USA kills more then 10000 Iranian citizens
• Missle Strike: The USA kills more then 20000 Iranian citizens
• USA Declares War on Iran
• USA Just Have Started World War III
• USA Missle Strike: Iran War just have started
Message body: {blank}
Attachment:
• Click Here.exe
• Click Me.exe
• More.exe
• Movie.exe
• News.exe
• Read Me.exe
• Read More.exe
• Video.exe |