HomeProductsServicesDownloadSupportNewsPartnersPurchaseContact
PRESS RELEASE

Oslo, 1 March 2004

Norman Data Defense Systems alerts:
The number of Internet worms is rapidly escalating
 

CORPORATE NEWS

Latest News
News archive

INFORMATION
Products & Solutions
QUESTIONS? CONTACT US
Norman Data Defense Systems, specialists in the field of data security, today issued an alert against two new worms NetSky.D and E. These are the last in a series of worm incidents that currently spread at an alarming speed worldwide.

The following is a list of the most dangerous worms detected during the past seven days,

W32/Netsky.C
W32/BizIcq.A
W32/Bagle.C
W32/Bagle.D
W32/Bagle.E
W32/Bagle.F
W32/Netsky.D
W32/Netsky.E

In addition to these worms,the fast spreading worms MyDoom.F (21/2) and Netsky.B (18/2) have emerged. Of these, Mydoom.F is very destructive with a high payload using backdoor techniques, providing denial of service attacks, and deletion of files.

"We suspect that several virus authors – or factions of virus authors – are competing in creating the most successfully spreading worm. So far we see three different groups or persons, each responsible for their own worm family; NetSky, Bagle, and MyDoom. Text messages inside these worms points in this direction", says Snorre Fagerland, senior virus analyst at Norman Data Defense Systems. It seems like they are accusing each other of stealing ideas and code, in an attempt to achieve the highest number of copies spread on the Internet as fast as possible.

Examples of such text messages are:

Text string from NetSky.C
<-<- we are the skynet - you can't hide yourself! - we kill malware writers (they have no chance!) - [LaMeRz-->]MyDoom.F is a thief of our idea! - -< SkyNet AV vs. Malware >

Text string from NetSky.D
"be aware! Skynet.cz - -->AntiHacker Crew<--"
Characteristics of the recent NetSky.D

(for information on Netsky.E please check our web pages)

Email subject: "Re: + "random text"
Email body start with: "random text"
Email attachment: "Randomly generated file name".pif

More information about this worm is available from Norman Data Defense System's web site: http://www.norman.com.
Recommendations

Norman Data Defense Systems definitions files from Monday, 01 March 2004 have support for the worm.

Norman Data Defense Systems recommends corporate and home users to immediately update installed antivirus products with new definitions files that detect this threat.

We recommend users without protection to download and install an antivirus program immediately.

For further information, please contact

SAV25 Data Systems

More Press Release here
 
ABOUT SAV25      USER AGREEMENT   PRIVACY POLICY   CONTACT US                                                                           
SAV25 Data Systems
appropriate solutions
Copyright ©1999-2005 SAV25 DATA SYSTEMS. All Rights Reserved   
All Product names, trademarks, trade names, service marks and logos included in this site are the property of their respective companies and/or affiliate companies.
For best viewing, use Opera 8.02 or higher or Internet Explorer 6.X or Firefox 1.X at 800X600 resolution