[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] MyDoom Email targets

To: Scott Manley <djsnm@djsnm.com>
Subject: Re: [Full-Disclosure] MyDoom Email targets
From: merlyn@stonehenge.com (Randal L. Schwartz)
Date: 27 Jan 2004 10:41:41 -0800

>>>>> "Scott" == Scott Manley <djsnm@djsnm.com> writes:

Scott> I've noticed I'm getting a load of messages to my catch all domains
Scott> with addresses like adam@.... joe@.... sandra@.... - it's highly
Scott> unlikely that this would be part of anyone's address book - is there
Scott> some mechanism in the worm to try and propagate to random e-mail
Scott> within a domain?

Yes, it's scraping address books, text files, and does a dictionary
attack as well.

Mean and viscious this one is.  Much worse than sobig.

-- 
Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095
<merlyn@stonehenge.com> <URL:http://www.stonehenge.com/merlyn/>
Perl/Unix/security consulting, Technical writing, Comedy, etc. etc.
See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training!

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- [Full-Disclosure] MyDoom Email targets
  - From: Scott Manley <djsnm@djsnm.com>

Prev by Date: [Full-Disclosure] MyDoom Email targets
Next by Date: [Full-Disclosure] OPEN3S-2003-08-08-eng-informix-ontape
Previous by thread: Re: [Full-Disclosure] MyDoom Email targets
Next by thread: RE: [Full-Disclosure] MyDoom Email targets
Index(es):
- Date
- Thread