Tag Archives: Worm

Bofra Worm Gets Past Antivirus Software



Users of Microsoft Internet Explorer and Windows XP Service Pack 2 (SP2) are vulnerable to infection by the Bofra worm, downloaded through website banner ads.

The Bofra worm, previously described only as a variant of the MyDoom worm, takes advantage of the iFrame vulnerability in Microsoft Internet Explorer; Microsoft has not yet been able to release a patch that repairs this security hole. According to SANS Internet Storm Center, sites in the U.K., the Netherlands and Sweden have been infected, including The Register, tech website. The Register advises users who visited the site between 6:00 A.M. and 12:30 P.M. GMT on Saturday November 20, 2004, to check their machines for possible infection by the Bofra worm.

Bofra Skirts Antivirus Software
The more significant problem is that the Bofra worm, which is a spyware application cannot be detected by most antivirus software applications. Repairing the effects of this worm are difficult and costly. The effect of the worm is so many popups and unwanted software installations that the computer will slow to a crawl and be, effectively, useless. Many users will be forced to rebuild their drives from scratch, starting with a reformatting and reinstallation of Windows.

Dave’s Opinion
Affected users who are fortunate to not lose all of their data files will do well to rebuild their computer and stop using Microsoft’s integrated web browser. Until Microsoft is able to take security seriously and create a stable, secure browsing platform, Windows users should move to alternative web browsers such as Firefox or Opera.

Call for Comments
What do you think? Leave your comments below.

References
SANS Internet Storm Center
The Register
Firefox
Opera
Message Center


Mydoom Worm Makes a Name for Itself in a Hurry



The Mydoom worm (a.k.a. Shimgapi and Novarg) is making a fast name for itself and has been detected in 142 countries and currently accounts for 8.5% of all Internet e-mail, according to a leading security company.

The worm arrives in an e-mail file attachment. The e-mail body varies from blank to highly technical jargon…all of which are designed to fool the recipient into opening the attached (infected) file which has a common extension such as ZIP, SCR, EXE, or PIF.

Dave’s Opinion
I started noticing the worm making its way through our e-mail servers yesterday. I’m receiving a couple of dozen copies of infected messages every hour in my e-mail account, alone. Some of the infected messages are being transmitted using one of my e-mail accounts as the faked sender, so it’s difficult to determine from true sender.

Keep you antivirus software updated and never, I mean never, open a file attachment that you’re not expecting.

Call for Comments
What do you think? Leave your comments below.