Tuesday, April 16, 2024

Worm Hitting Anti-Spam Sites with DoS Attacks

HomeSecurity
Sharon Gaudin
By Sharon Gaudin

Datamation content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

Five new variants of a mass-mailing worm are infecting computers around the globe and

launching denial-of-service attacks — some against well-known anti-spam Web sites.

The Mimail worm, an ordinary mass-mailing worm that first appeared this past August, has

spawned four new variants that began invading the wild last Friday. The original Mimail worm

did nothing more than cull email addresses and propagate itself. The new variants are far

more aggressive, launching DoS attacks against several anti-spam Web sites and online

retailers, including one gaming retailer.

As of Monday morning, some sites were being slowed down, while others were not able to be accessed.

”Everyone should be on guard against a possible surge in MiMail activity as
the business week resumes,” says Ken Dunham, director of malicious code at iDefense, Inc.,

a security intelligence firm based in Reston, Va. ”New variants may continue to emerge in

the wild and thousands of MiMail e-mails are now waiting to be opened by unsuspecting
users as the business week resumes.”

Chris Belthoff, a senior security analyst at Lynnfield, Mass.-based anti-virus company,

Sophos, Inc., notes that the worms contain a Zip file, which contains an executable. The

file will harvest email addresses from the computer’s hard drive, propagate itself and then

launch the DoS attacks. The subject line may read, ‘Don’t be late’, and the text will refer

to a planned meeting and a file that the email recipient supposedly requested. Other

variants refer to pictures from a trip to the beach.

Anti-virus analysts say the worms are targeting sites, such as www.spamhaus.org,

www.spews.org, mysupersales.com, spamcop.net, and darkprofits.com.

”These sites are probably getting hit with a lot of traffic,” says Belthoff. ”The

question is why are they targeting these sites? Are they spammers trying to send a message?

Are they just virus writers trying to see if some new technique will work?”

Belthoff adds that while the worms aren’t specifically damaging the computers they’re

infecting, the worms are causing them to slow down because of the amount of email traffic

they’re generating.

”If you’ve got a large network that’s getting infected, then your network will slow down

greatly,” he adds. ”Do the people running these anti-spam sites find them destructive?

Absolutely. If a big corporate network is being slowed down, is that destructive? You bet.”
It’s destructive to business.

Previous article
Plenty of IM Security Holes Left to Plug
Next article
Enterprise Applications Hitting a Road Near You

Subscribe to Data Insider

Learn the latest news and best practices about data science, big data analytics, artificial intelligence, data security, and more.

Similar articles

Get the Free Newsletter!

Subscribe to Data Insider for top news, trends & analysis

Latest Articles

Datamation is the leading industry resource for B2B data professionals and technology buyers. Datamation’s focus is on providing insight into the latest trends and innovation in AI, data security, big data, and more, along with in-depth product recommendations and comparisons. More than 1.7M users gain insight and guidance from Datamation every year.

Advertisers

Advertise with TechnologyAdvice on Datamation and our other data and technology-focused platforms.

Advertise with Us

Menu

Our Brands

Property of TechnologyAdvice.
© 2023 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.