Another Windows worm has begun to spread, posing as a security patch from Microsoft, a fix for the Blaster worm or a crack for a porn website. Anti-virus company Sophos said the worm, which it had christened W32/Yaha-Y, spread via network shares and email. Emails sent by the worm were randomly selected from a list contained inside the worm. Computer Associates’ analysis of the worm showed that its payload modified the lmhosts file on an infected computer to block access to symantec.com, microsoft.com, sophos.com, avp.ch, mcafee.com trendmicro.com, pandasoftware.com, www3.ca.com and ca.com – all anti-virus companies’ sites, apart from Microsoft. Full Story
About OODA Analyst
OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.