NEW Virus Detected
The W32.Beagle.J@mm worm:
- Is a mass-mailing worm that opens a backdoor on TCP port 2745 and uses its own SMTP engine to spread through email.
- Sends the attacker the port on which the backdoor listens, as well as the IP address.
- Attempts to spread through file-sharing networks, such as Kazaa and iMesh, by dropping itself into the folders that contain "shar" in their names.
The email has the following characteristics:
From: Spoofed to appear as though it is coming from one of the following addresses at the recipient's domain:
- management
- administration
- staff
- noreply
- support
Attachment: A randomly named .exe file, stored inside a .zip file, or a .pif file. The .zip file may be password-protected, though Symantec antivirus products will detect these files.
Note:
- Virus definitions released on February 18, 2004 detect this threat as W32.Beagle.A@mm.
- There is no static MD5 available for this threat.
- Symantec Security Response has developed a removal tool to clean the infections of W32.Beagle.J@mm.
If you feel you have this virus, please go to this website, where you can download the removal tool.
http://securityresponse.symantec.com/avcenter/venc/data/w32.beagle.j@mm.html
Stawin.a
********
The Stawin.a virus infects by installing a keylogger that sends online banking logon information to the attacker. The virus was first spotted about 24 hours ago.
Stawin.a spreads as an email attachment named message.zip, which is already blocked by the iSensor. No intrusion prevention update is necessary.
WARNING: Stawin.a is very likely to infect many home users, who often don't use anti-virus software. Banks and credit unions may want to post a warning on their on-line banking logon screen.
What can you do?
****************
Make sure your anti-virus software is current and run a network scan.
If you use Microsoft Outlook to read email, turn off the Preview pane for all email folders. The Preview pane actually opens the email, so any malicious code in it will be executed.
Warn your email users not to open email attachments, especially "message.zip" attachments -- even if they appear to come from a trusted source.
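The email characteristics listed above for W32.Beagle.J@mm (spoofed sender names at the recipient's domain, an .exe inside a .zip, a .pif file, possibly password-protected) and the message.zip attachment name given for Stawin.a can be checked mechanically at a mail gateway. The following Python is an added example, not code from Symantec or the iSensor; the function names, finding labels and the example.com sample messages are constructed for illustration.

```python
import email, io, zipfile
from email import policy
from email.message import EmailMessage
from email.utils import parseaddr

# Indicators taken from the advisory text; everything else is an assumption.
SPOOFED_LOCAL_PARTS = {"management", "administration", "staff", "noreply", "support"}
RISKY_EXT = (".exe", ".pif")

def zip_findings(data):
    """List indicators in a .zip attachment without extracting anything."""
    try:
        entries = zipfile.ZipFile(io.BytesIO(data)).infolist()
    except zipfile.BadZipFile:
        return ["unreadable zip"]
    out = []
    for info in entries:
        if info.flag_bits & 0x1:  # bit 0 of the flags marks an encrypted entry
            out.append("password-protected zip entry")
        if info.filename.lower().endswith(RISKY_EXT):
            out.append("executable inside zip")
    return out

def check_message(raw, recipient_domain):
    """Return the advisory indicators that one raw RFC 822 message matches."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    findings = []
    local, _, domain = parseaddr(str(msg.get("From", "")))[1].lower().partition("@")
    if local in SPOOFED_LOCAL_PARTS and domain == recipient_domain.lower():
        findings.append("spoofed internal sender")
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        if name == "message.zip":
            findings.append("attachment named message.zip")
        if name.endswith(RISKY_EXT):
            findings.append("executable attachment")
        if name.endswith(".zip"):
            findings += zip_findings(part.get_payload(decode=True) or b"")
    return findings

def build_sample(sender, attach_name, inner_name=None):
    """Constructed sample message; attachment bytes are harmless placeholders."""
    msg = EmailMessage()
    msg["From"], msg["To"] = sender, "user@example.com"
    msg.set_content("constructed body")
    data = b"placeholder"
    if inner_name:  # wrap the placeholder in an in-memory zip
        buf = io.BytesIO()
        with zipfile.ZipFile(buf, "w") as zf:
            zf.writestr(inner_name, data)
        data = buf.getvalue()
    msg.add_attachment(data, maintype="application", subtype="octet-stream", filename=attach_name)
    return msg.as_bytes()
```

Zip entry names and the encryption flag are readable without the password, which is why a password-protected archive can still be flagged by its contents list.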
More information
****************
Stawin & Mydoom.b announcements: http://www.securityfocus.com/archive/75/351580