The Web    Google
10/11: Noomy-A Worm Exploits Email, IRC

10/11: Noomy-A Worm Exploits Email, IRC
October 11, 2004

Worm_Noomy.A is a mass-mailing worm that propagates via email and Internet Relay Chat (IRC). It drops copies of itself using attractive file names in order to trick users into opening the email attachment or link.

It makes use of MSWINSCK.OCX in order to run properly. This file is a non-malicious, Microsoft Winsock Control DLL file that is used in Visual Basic applications to add the functionality of socket programming. If it is not able to find the said file on a system, it downloads it from several Web sites.

This worm terminates several processes, and performs denial of service (DoS) attacks against several Web sites. It also has backdoor capabilities, and may execute commands coming from a remote malicious user.

It runs on Windows 98, ME, NT, 2000, and XP.

Technical details are at Trend Micro page.

  • New Spam Scam Exploits Pope's Death
  • Worm Spreads Via Email With Variable Characteristics
  • IT Budget Woes Hampering Real-Time Responsiveness
  • Senate Debating Data Privacy Changes
  • Researcher: IE Cumulative Patch Inadequate
  • Arrested Criminal Hackers Used Wi-Fi
  • OpenVMS: An Old OS Hasn't Lost Security Footing
  • Immunize Your Servers Against Attack
  • 12/7: Banker-BG Trojan Targets Brazilian Banks
  • HP Cuts to the Middle of Disaster Recovery
  • Cisco Fixes a Pair of IOS Vulnerabilities
  • Security Camera Companies and products