Virus Alert - Code Blue
Thread Starter
Joined: May 2001
Posts: 361
Likes: 2
From: Houston
Virus Alert - Code Blue
Below is a message that was forwarded to us at work earlier today regarding this virus.
I'm sure everyone has heard about it, thought that some may find the info useful.
************************************************** *
Security Alert 2001-008 update
Issued by Merrill Lynch Information Security and Privacy on September 18, 2001
A new, virulent virus/worm has been detected within Merrill Lynch. It attacks via an IIS vulnerability, via web sites and via a Trojan email attachment.
Technologies At Risk:
Windows NT
Windows 2000
Windows 98
Windows ME
Microsoft IIS servers
Impact:
This vulnerability is considered extremely high risk. This virus/worm appears, at this stage of analysis, to combine the characteristics of several other prior attacks. It makes use of a number of previously identified vulnerabilities. Patches for these vulnerabilities are available at the URLs listed below.
This virus/worm spreads rapidly in a manner similar to Code Red, and at the same time propagates via an attachment which is believed to be named
I'm sure everyone has heard about it, thought that some may find the info useful.
************************************************** *
Security Alert 2001-008 update
Issued by Merrill Lynch Information Security and Privacy on September 18, 2001
A new, virulent virus/worm has been detected within Merrill Lynch. It attacks via an IIS vulnerability, via web sites and via a Trojan email attachment.
Technologies At Risk:
Windows NT
Windows 2000
Windows 98
Windows ME
Microsoft IIS servers
Impact:
This vulnerability is considered extremely high risk. This virus/worm appears, at this stage of analysis, to combine the characteristics of several other prior attacks. It makes use of a number of previously identified vulnerabilities. Patches for these vulnerabilities are available at the URLs listed below.
This virus/worm spreads rapidly in a manner similar to Code Red, and at the same time propagates via an attachment which is believed to be named
Registered User
Joined: Mar 2001
Posts: 2,170
Likes: 0
From: Richmond
Code Blue came out a couple weeks ago, just after Code Red. http://www.sarc.com/avcenter/venc/data/w32...ecode.worm.html
Nimda is a different worm.
Nimda is a different worm.
Registered User
Joined: Nov 2000
Posts: 290
Likes: 0
From: smalltown
Which one is this?
Be alert for the Hybris computer virus, also known as the Full Moon Virus or Worm, W32/Hybris.gen@MM, W95.Hybris.gen, and other variations of the Hybris name. The virus replicates itself by watching for e-mail addresses in incoming and outgoing e-mails and then sending itself, in the form of a mail attachment, to those addresses. This virus infects Windows systems only, including Windows 95, 98, ME, NT 4.0, and 2000. Your computer becomes infected when you open the attachment.
If your computer is infected, anyone with whom you exchange e-mails may receive unexpected e-mails with the virus attachment, from your screen name. The e-mails may have the subject line, "Snowhite and the Seven Dwarfs - The Real Story," and an attachment with a name of "sexy virgin.scr" or "joke.exe" or "midgets.scr" or "dwarf4you.exe." Some variations of this e-mail and virus may have different subject lines and/or attachment names. If you receive an email with this heading, DO NOT download the attachment.
What does the Hybris virus do?
The Hybris virus downloads a variety of plug-ins from the Internet, and each plug-in could affect your computer differently. The most common plug-in displays a spiral graphic on your computer and prevents you from using Windows. The virus follows an internal clock, and downloads plug-ins on days when the moon is full.
The virus usually infects the Wsock32.dll file in Windows, and may corrupt and damage this file during each full moon. If your Wsock32.dll file becomes damaged, you may be unable to reach the Web, and you may experience Windows errors like General Protection Faults in Modules "<Unknown>," "Wsock32.dll," and "Kernel32.dll." While most of the damage may happen on or around the full moon, the virus may create problems any time.
The Hybris virus is also known by the names: W32/Hybris.gen@MM, W95.Hybris.gen, and other variations of the Hybris name. This virus infects Windows systems only, including Windows 95, 98, ME, NT 4.0, and 2000.
What can I do?
An infected computer may lock up and have other operating problems. If you suspect you are infected with the Hybris virus, update your anti-virus software and scan your hard drive, following the software manufacturer's instructions. Recently updated anti-virus software should detect and remove the virus.
Be alert for the Hybris computer virus, also known as the Full Moon Virus or Worm, W32/Hybris.gen@MM, W95.Hybris.gen, and other variations of the Hybris name. The virus replicates itself by watching for e-mail addresses in incoming and outgoing e-mails and then sending itself, in the form of a mail attachment, to those addresses. This virus infects Windows systems only, including Windows 95, 98, ME, NT 4.0, and 2000. Your computer becomes infected when you open the attachment.
If your computer is infected, anyone with whom you exchange e-mails may receive unexpected e-mails with the virus attachment, from your screen name. The e-mails may have the subject line, "Snowhite and the Seven Dwarfs - The Real Story," and an attachment with a name of "sexy virgin.scr" or "joke.exe" or "midgets.scr" or "dwarf4you.exe." Some variations of this e-mail and virus may have different subject lines and/or attachment names. If you receive an email with this heading, DO NOT download the attachment.
What does the Hybris virus do?
The Hybris virus downloads a variety of plug-ins from the Internet, and each plug-in could affect your computer differently. The most common plug-in displays a spiral graphic on your computer and prevents you from using Windows. The virus follows an internal clock, and downloads plug-ins on days when the moon is full.
The virus usually infects the Wsock32.dll file in Windows, and may corrupt and damage this file during each full moon. If your Wsock32.dll file becomes damaged, you may be unable to reach the Web, and you may experience Windows errors like General Protection Faults in Modules "<Unknown>," "Wsock32.dll," and "Kernel32.dll." While most of the damage may happen on or around the full moon, the virus may create problems any time.
The Hybris virus is also known by the names: W32/Hybris.gen@MM, W95.Hybris.gen, and other variations of the Hybris name. This virus infects Windows systems only, including Windows 95, 98, ME, NT 4.0, and 2000.
What can I do?
An infected computer may lock up and have other operating problems. If you suspect you are infected with the Hybris virus, update your anti-virus software and scan your hard drive, following the software manufacturer's instructions. Recently updated anti-virus software should detect and remove the virus.
Thread
Thread Starter
Forum
Replies
Last Post