mytob mania
Mytob is fast becoming a much-reviled wonderboy of the virus world, increasingly used in many variants:
The Mytob worm, which first appeared in late February, is a mass-mailed worm that hijacks addresses from compromised PCs to spread using its own SMTP engine, drops a backdoor Trojan so more malicious code can be added to the infected system, tries to shut down security software already on the computer, and blocks access to a large number of security and update-oriented Web sites.
Security firms such as Symantec have tracked and labeled over 130 different variations on the Mytob worm in the last three-and-a-half months. So many variants have appeared, using so many different techniques -- including phishing-style tactics -- that some analysts believe the group responsible is crafting a "super" worm.
We had a client here in Nashville with a Mytob infection last week -- one of the first infections since Sober.p. All the more troubling, since we're still not sure where the initial infection vector was. It didn't come through Swirbo.
Comments
[...] the client’s update
[...] the client’s update code? These thoughts came home to roost a few days ago when the Mytob infections were running rampant, and as a result, AVG’s free update site was ove [...]