Another mutant of the fast-spreading MiMail ‘phisher’ virus has started bombing email inboxes. Security experts say the latest version has been programmed to launch a denial-of-service attack
The virus has been in circulation since August this year with variants appearing as fake PayPal alerts trying to dupe users into giving up credit card numbers and other sensitive information.
In a new twist, the virus writer has added an SMTP engine to launch a DoS attack against the anti-spam groups like the Spamhaus Project, SPEWS, and SpamCop.
The text of the email that comes with the virus attached includes lewd content and falsely implicates the Spamhaus Project with being involved with child pornography. If executed, the worm spreads itself using addresses harvested from the hard drive of the infected computer.
Anti-virus experts Sophos said the attachment (wendy.zip) contains the executable file named for_greg_with_love.jpg.exe.
The company said the latest mutant was programmed to resend failed attempts without the attachment. “If the previous email fails to be sent, W32/Mimail-L will then attempt to send another email without an attachment. This email pretends that the recipient’s credit card details have been debited in connection with a transaction for child porn. This appears to be an attempt to panic the recipient, and encourage him to email an address hosted by an anti-spam organization,” the company explained in an alert.
Messaging security firm MessageLabs has maintained a “high risk” rating on the MiMail virus after stopping more than 200,000 infections in more than 100 countries worldwide.
* For more on the increasing threat of email borne viruses, see our special report: Worms! Flaws! Bugs!
Businesses near ‘PokeStops’ are enjoying a huge surge in footfall due to the popularity of Pokémon Go, according to our first major ... read more
A new organization, The Coalition for Better Ads, has been launched to “leverage consumer insights and cross-industry expertise to develop and implement ... read more