We have observed a new email worm in the wild of unknown virulence, just wanted to get the word out ASAP. We're calling it "DarkMachine" after the nicknames of the discoverers here at SecureWorks. The worm arrives as a .exe attachment with varying names. The subject line also varies, but the body of the message stays the same: ====== heh. I tell ya this is nuts ! You gotta check it out ! ====== Subject lines observed so far include: ====== Kev Gives great orgasms to ladeez!! -- Kev I don't want to write anything but Si is bullying me. -- Jim Scientists have found traces of the HIV virus in cow's milk...here is the proof -- Will A new type of Lager / Weed variant...... sorted ! I want to live in a wooden house -- Arwel ====== The names in the subject lines may or may not be related to the name of the person sending the email. The .exe attachment names vary, but the list of ones that we have seen so far is: ===== Common.exe Rede.exe UserConf.exe Si.exe ===== We will release more information as we figure things out... Markus De Shon, Ph.D., GCIA #0227 <mdeshonat_private> Research Manager -- SecureWorks, Inc. -- 404 327-6339x127 ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Wed Oct 17 2001 - 08:46:40 PDT