The Web    Google
4/12: Mytob-AR Yet Another Variant

4/12: Mytob-AR Yet Another Variant
April 12, 2005

W32.Mytob.AR@mm is a mass-mailing worm that uses its own SMTP engine to send an email to addresses that it gathers from the compromised computer with back door capabilities.

The worm spreads by exploiting the Microsoft Windows Local Security Authority Service Remote Buffer Overflow (described in Microsoft Security Bulletin MS04-011) and the Microsoft Windows DCOM RPC Interface Buffer Overrun Vulnerability (described in Microsoft Security Bulletin MS03-026).

Technical details can be found at Symantec page.

  • 4/5: Mytob-Y Worm Copies Itself to Email
  • 3/31: MyDoom-AI Worm Uses Email
  • 3/18: Agent.E Trojan Acts as HTTP Proxy
  • Should You Hack Your Own Network?
  • Pedestal Adds Security Benchmark Score to Audit Software
  • Security Flaw Found In Sun Solaris Servers
  • Symantec, Veritas Leaders Tout Merger
  • Check Point Appliances Target Small Businesses
  • Security Experts On Alert for Large-Scale Hacker Assault
  • 9/9: Trojan.Riler Installs Itself As LSP
  • 1/27: Rbot-AIX Worm Has Backdoor Functions
  • Security Camera Related Information