"Mytob.bi"

Status
Not open for further replies.

Osiris

Golden Master
Messages
36,817
Location
Kentucky
Another variant of the Mytob worm began wiggling its way into inboxes this week, enticing recipients to open an e-mail attachment that could allow a remote hacker to access and perform commands on an infected machine. The variant, dubbed "Mytob.bi" by some security researchers, scans the hard drive of an infected machine and sends copies of itself to e-mail addresses it finds in the Windows Address Book, antivirus firm Trend Micro Inc. said yesterday. The worm poses as a message from an IT administrator, warning recipients that their e-mail accounts are about to be suspended, Trend Micro said.

Possible subject headers for the worm include "*IMPORTANT* Please Validate Your Email Account" and "Notice: **Last Warning**." The latest variant is the fourth iteration of the Mytob family of worms that were first detected in late February, Trend Micro said. It has backdoor capabilities and can open a random port, allowing a hacker to remotely access an infected machine.
 

kukuhead

Baseband Member
Messages
39
My company network got it! Now a few users are getting the mail, and i got client calling me that i send them mail that contain the mytob.mm worm! I scan the xchange server but nothing is found! wat should i do !!!
 

kukuhead

Baseband Member
Messages
39
I cant detect it in my exchange server, it there anyway for me to pin point which machine in the network is spreading the worm??
 
Status
Not open for further replies.
Top