Discovered: January 14, 2008
Updated: January 15, 2008 10:47:51 AM
Type: Worm
Infection Length: 229,376 bytes
Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows Vista, Windows XP
W32.Fishinflu@mm is a mass-mailing worm that spreads through removable drives and by sending messages to mIRC users.
Protection
-
Initial Rapid Release version January 14, 2008 revision 056
-
Latest Rapid Release version June 28, 2008 revision 022
-
Initial Daily Certified version January 15, 2008 revision 002
-
Latest Daily Certified version January 20, 2009 revision 048
-
Initial Weekly Certified release date January 16, 2008
Click for a more detailed description of Rapid Release and Daily Certified virus definitions.
Threat Assessment
Wild
-
Wild Level: Low
-
Number of Infections: 0 - 49
-
Number of Sites: 0 - 2
-
Geographical Distribution: Low
-
Threat Containment: Easy
-
Removal: Easy
Damage
-
Damage Level: Medium
-
Payload: Lowers security settings on the compromised computer.
-
Large Scale E-mailing: Sends emails to all email addresses in the Microsoft Outlook address book.
-
Modifies Files: Modifies mIRC files in order to send messages to all connected users.
-
Compromises Security Settings: Lowers security settings by disabling certain system tools.
Distribution
-
Distribution Level: High
-
Subject of Email: Very Important!
Writeup By: Masaki Suenaga
Facebook
Digg
Reddit
Technorati
Slashdot
Twitter
Google
Yahoo Buzz
Delicious
StumbleUpon