New variant disables antivirus apps, steals e-mail addresses. Antivirus software companies are warning that a new version of the NetSky e-mail worm is circulating on the Internet. The warning comes only a day after the appearance of a new variant of the Beagle or “Bagle” worm prompted similar warnings. NetSky.B, also known as Moodown.B, first appeared on Wednesday and is spreading via infected e-mail messages and shared network folders. Once installed, NetSky tries to disable antivirus software, steal e-mail addresses, and copy itself to shared network folders, antivirus companies say. The new worm is a modified version of NetSky.A, which appeared on Monday. Like its predecessor, NetSky.B arrives in e-mail messages that have randomly generated subject lines such as “something for you,” “hello,” or “fake.” The worm file is contained in a zipped attachment that also has a randomly generated name and file type such as “document” “stuff” or “party.” File attachments with an .exe, .scr, or .pif extension are also common, says antivirus company TruSecure. Full Story
About OODA Analyst
OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.