MiMail Virus Attacking Anti-Spam Groups

Another mutant of the fast-spreading MiMail ‘phisher’ virus has started bombing email inboxes. Security experts say the latest version has been programmed to launch a denial-of-service attack on anti-spam advocates.

The virus has been in circulation since August this year with variants appearing as fake PayPal alerts trying to dupe users into giving up credit card numbers and other sensitive information.

In a new twist, the virus writer has added an SMTP engine to launch a DoS attack against the anti-spam groups like the Spamhaus Project, SPEWS, and SpamCop.

The text of the email that comes with the virus attached includes lewd content and falsely implicates the Spamhaus Project with being involved with child pornography. If executed, the worm spreads itself using addresses harvested from the hard drive of the infected computer.

Anti-virus experts Sophos said the attachment (wendy.zip) contains the executable file named for_greg_with_love.jpg.exe.

The company said the latest mutant was programmed to resend failed attempts without the attachment. “If the previous email fails to be sent, W32/Mimail-L will then attempt to send another email without an attachment. This email pretends that the recipient’s credit card details have been debited in connection with a transaction for child porn. This appears to be an attempt to panic the recipient, and encourage him to email an address hosted by an anti-spam organization,” the company explained in an alert.

Messaging security firm MessageLabs has maintained a “high risk” rating on the MiMail virus after stopping more than 200,000 infections in more than 100 countries worldwide.

Sophos and Network Associates have posted instructions of disinfecting PCs affected by the virus.

* For more on the increasing threat of email borne viruses, see our special report: Worms! Flaws! Bugs!

Related reading

KONICA MINOLTA DIGITAL CAMERA
pokemon go
/IMG/261/280261/snapchat-logo-app-store-320x198
rsz_adblock
<