To report a botnet PRIVATELY please email: [EMAIL PROTECTED] ---------- Symantec is reporting on a new worm "[EMAIL PROTECTED]" that seems to match with the technical description of the Bot Report in the ISC diary. This worm propagates through email, network shares, and instant messages. It also opens a backdoor on the compromised computer through TCP Port 8. The worm is spread thorough AOL Instant Messenger, AOL mail and Windows Messenger. The worm exploits unpatched computers vulnerable to the Microsoft ASN.1 Library Multiple Stack-Based Buffer Overflow and LSASS Buffer Overflow.
Symantec detection was added April 30th. Description is available here: http://www.symantec.com/avcenter/venc/data/[EMAIL PROTECTED] Bruce _______________________________________________ To report a botnet PRIVATELY please email: [EMAIL PROTECTED] All list and server information are public and available to law enforcement upon request. http://www.whitestar.linuxbox.org/mailman/listinfo/botnets
