As U.S. workers got to the office this morning and opened their email, they unleashed a new mass-mailing worm that is fiercely spreading across the United States and Europe. Mimail is a worm that takes advantage of a vulnerability in Microsoft Corp.’s Windows Explorer to harvest email addresses and propagate itself. The worm arrives disguised […]
As U.S. workers got to the office this morning and opened their email, they unleashed a new mass-mailing worm that is fiercely spreading across the United States and Europe.
Mimail is a worm that takes advantage of a vulnerability in Microsoft Corp.’s Windows Explorer to harvest email addresses and propagate itself. The worm arrives disguised as a message from the network administrator with an attached zip file. The message suggests that the recipient’s email account will soon expire and urges him to read the attached information. The attachment, called ‘message.zip’, contains an HTML file which is a copy of the worm that then scours the user’s hard disk looking for email addresses for its next round of victims.
Mimail doesn’t carry a destructive payload, though, so only serves to clog up email systems and confuse users about a note from their administrator.
“It propagated really aggressively at first and got past a lot of anti-virus software,” says Dan Ingevaldson, an engineering manager with Altanta-based Internet Security Systems, Inc. “It’s spiking this morning but should calm down by the end of the week… There’s lots of machines out there — like a leper colony. They never get patched. They’re not secure. And they get hit.”
Mimail was first detected this past Friday when it raised concerns around the security industry, which is already on high alert for an expected worm that could exploit a vulnerability in Windows desktop and server operating systems to cause significant slow-downs and damage across the Internet. Security analysts say an upswing in hacker activity could be signaling the coming of a broad-scale attack that could potentially affect millions of networks.
The increased hacker activity is pinpointing a vulnerability in Microsoft Corp.’s Windows operating system. A problem with the Windows RPC Interface Buffer Overrun was first disclosed on July 16. Security experts say hackers started experimenting with the vulnerability almost immediately, and the rate of system probes and online chatter about the vulnerability has been skyrocketing.
When Mimail was released into the wild, many security analysts initially thought this was the attack they had been expecting. Those fears even shut down Internet connections Friday afternoon at several government agencies, including the Department of Homeland Security and the U.S. Secret Service.
David Wray, a spokesman for the Department of Homeland Security, says he did not have any information at deadline today about how many machines were affected or how long the shut downs lasted.
“Initially, people thought this was the worm exploiting the RPC vulnerability,” says Chris Belthoff, a senior security analyst with Sophos, Inc., a security and anti-virus company based in Lynnfield, Mass. “Everyone is just on high alert.”
Security analysts say hacker activity around the RPC vulnerability increased over the weekend. And Steven Sundermeier, vice president of products and services at
Central Command Inc., an anti-virus company based in Medina, Ohio., says over the weekend they spotted a few pieces of malware, which they marked as proof of concepts, or experimental viruses.
“First, they scan to see how many servers out there are vulnerable,” explains Sundermeier. “Then they release an initial code to get a gauge on how effective it will or will not be. Then they’ll release a wilder version… At any given point, we can expect to see a worm based on RPC.”
But industry observers say they’re hopeful that the amount of publicity surrounding the RPC vulnerability and the increase in hacker activity could help defuse the attack once it arrives. The more computers that are patched and updated, the fewer machines that can fall victim to the coming worm. Analysts, also warn however, that they fear there are still millions of machines out there that have not yet been patched, leaving the Internet open to a potential large-scale problem.
“In cases like this when there are millions of vulnerable devices out there, there’s a danger,” says Ingevaldson. “Patching thousands of desktops is a lot of work. Everyone knows that patching is the solution in the long run, but the problem is that sometimes it takes months to install a patch across an enterprise.”
Ethics and Artificial Intelligence: Driving Greater Equality
FEATURE | By James Maguire,
December 16, 2020
AI vs. Machine Learning vs. Deep Learning
FEATURE | By Cynthia Harvey,
December 11, 2020
Huawei’s AI Update: Things Are Moving Faster Than We Think
FEATURE | By Rob Enderle,
December 04, 2020
Keeping Machine Learning Algorithms Honest in the ‘Ethics-First’ Era
ARTIFICIAL INTELLIGENCE | By Guest Author,
November 18, 2020
Key Trends in Chatbots and RPA
FEATURE | By Guest Author,
November 10, 2020
FEATURE | By Samuel Greengard,
November 05, 2020
ARTIFICIAL INTELLIGENCE | By Guest Author,
November 02, 2020
How Intel’s Work With Autonomous Cars Could Redefine General Purpose AI
ARTIFICIAL INTELLIGENCE | By Rob Enderle,
October 29, 2020
Dell Technologies World: Weaving Together Human And Machine Interaction For AI And Robotics
ARTIFICIAL INTELLIGENCE | By Rob Enderle,
October 23, 2020
The Super Moderator, or How IBM Project Debater Could Save Social Media
FEATURE | By Rob Enderle,
October 16, 2020
FEATURE | By Cynthia Harvey,
October 07, 2020
ARTIFICIAL INTELLIGENCE | By Guest Author,
October 05, 2020
CIOs Discuss the Promise of AI and Data Science
FEATURE | By Guest Author,
September 25, 2020
Microsoft Is Building An AI Product That Could Predict The Future
FEATURE | By Rob Enderle,
September 25, 2020
Top 10 Machine Learning Companies 2021
FEATURE | By Cynthia Harvey,
September 22, 2020
NVIDIA and ARM: Massively Changing The AI Landscape
ARTIFICIAL INTELLIGENCE | By Rob Enderle,
September 18, 2020
Continuous Intelligence: Expert Discussion [Video and Podcast]
ARTIFICIAL INTELLIGENCE | By James Maguire,
September 14, 2020
Artificial Intelligence: Governance and Ethics [Video]
ARTIFICIAL INTELLIGENCE | By James Maguire,
September 13, 2020
IBM Watson At The US Open: Showcasing The Power Of A Mature Enterprise-Class AI
FEATURE | By Rob Enderle,
September 11, 2020
Artificial Intelligence: Perception vs. Reality
FEATURE | By James Maguire,
September 09, 2020
Sharon Gaudin is a veteran technology journalist who has worked for the likes of Computerworld, InformationWeek, and Datamation. She has covered everything from the cloud, security, and social networking to software development, robotics, artificial intelligence, and hardware.
Datamation is the leading industry resource for B2B data professionals and technology buyers. Datamation's focus is on providing insight into the latest trends and innovation in AI, data security, big data, and more, along with in-depth product recommendations and comparisons. More than 1.7M users gain insight and guidance from Datamation every year.
Property of TechnologyAdvice. © 2025 TechnologyAdvice. All Rights Reserved
Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.
