http://software.silicon.com/malware/0,3800003100,39150478,00.htm By Dan Ilett 18 July 2005 An email worm is recruiting computers for a coordinated attack on antivirus vendor Symantec's website. Since Friday, email filtering vendor MessageLabs has intercepted 13,717 copies of the worm, dubbed Breatel.A-mm, and has issued a medium-level warning. The worm travels as an email attachment, under the subject lines: "Message could not be delivered", "Error", or "Mail Delivery System". If the attached file is opened, the computer connects to a botnet - a network of thousands of hacker-controlled computers used for illegal activity - and begins to send data to the Symantec website in the hope of crashing it. According to antivirus company F-Secure, the worm attachment contains a message to Symantec that says: "easy to talk but hard to work :) what about working in symantec? :P it is not only a mass mail worm it is also a lsass worm :)" A Symantec spokesman said that the company's infrastructure was built to withstand such attacks. The first copy of the worm was sent from Northern Ireland, MessageLabs said. _________________________________________ Attend the Black Hat Briefings and Training, Las Vegas July 23-28 - 2,000+ international security experts, 10 tracks, no vendor pitches. www.blackhat.com
This archive was generated by hypermail 2.1.3 : Tue Jul 19 2005 - 01:53:48 PDT