Home > Security News > Mimail-L takes sleazy aim at antispam sites
Security News:
EMAIL THIS

Mimail-L takes sleazy aim at antispam sites

By Edward Hurley, SearchSecurity.com News Writer
03 Dec 2003 | SearchSecurity.com

Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   

The latest variant of the Mimail worm, which appeared Tuesday, takes particularly sleazy aim at antispam groups.

Mimail-L, like some previous versions, targets antispam groups, but its tack is perhaps the most severe. "The writer has lowered himself to depths we have not see before," said Graham Cluley, senior technology consultant with U.K.-based Sophos PLC.

Recipients randomly receive one of two messages. The first reports that a weekly fee for child pornography has been charged to the recipient's credit card. The message implies the pornography came from antispam groups. "If you want to cancel membership and your CD pack please email order and credit card details to security@europe.spamhaus.org," the message reads.

The worm sometimes travels with a message purporting to be from a woman to her lover. The body text implies that the worm file contains photos of the woman nude. After infecting systems, the worm searches infected systems for e-mail addresses and then mails out copies of itself using its SMTP engine.

The worm tries to launch a distributed denial-of-service (DDoS) attack against the Spamhaus Project and other antispam Web sites.

So far, Spamhaus hasn't seen any problems with its site associated with the worm. Even if an attack occurs, the organization is ready. "We're set up to deal with attacks exactly like this," said Steve Linford of Spamhaus. "We have multiple machines, one in front of the other, specifically to filter out bad traffic and let only clean HTTP requests through."

The implication that Spamhaus is involved with child porn is both disturbing and baffling to Linford.

"Naturally, each time we are then inundated with complaints from angry users, angry that 'we' are 'going to charge their cards' and angry that we are 'selling child pornography,'" he said. "None of the thousands of users who contact us stop to think we're actually an antispam organization that does not sell anything."

So far, it's debatable whether Mimail-L is spreading that much in the wild. There seems to be some problems with its mailing routine, said Craig Schmugar, an antivirus researcher with McAfee AVERT. Thousands of copies of the worm were sent out, but it's unclear whether the worm started working on its own, he said.



Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   



RELATED RESOURCES
2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
Search Bitpipe.com for the latest white papers and business webcasts
Whatis.com, the online computer dictionary


More Tips to Secure Your Network
TechTarget Security Media
Information Security View this month\\'s issue and subscribe today.
Information Security Decisions Apply online for free conference admission.
SearchSecurity.com
HomeNewsMagazineMultimediaWhite PapersLearningAdviceTopicsEventsAbout Us
SEARCH :     Site Index Powered by: Search Powered by Google

About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Site Map




All Rights Reserved, Copyright 2003 - 2010, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts