1. Symantec/
  2. Security Response/
  3. W32.Lofni.Worm

W32.Lofni.Worm

Risk Level 2: Low

Discovered:
July 14, 2003
Updated:
February 13, 2007 12:03:47 PM
Also Known As:
W32.Lohack.B.Worm, W32/Noala@MM [McAfee]
Type:
Worm
Systems Affected:
Windows
CVE References:
CVE-2001-0154

W32.Lofni.Worm is a worm that attempts to spread itself through file-sharing networks. It also attempts to mass mail itself to all the contacts in the Windows Address Book. The email will have a variable subject and attachment name. The attachment will have a .exe or .scr file extension.

The worm uses an internal SMTP client engine. In addition, W32.Lofni.Worm is a network-aware worm. It is a Visual Basic application that is compiled to native code and is packed with UPX v1.23.

Definitions dated prior to July 25, 2003 detect this as W32.Lohack.B.Worm.

Antivirus Protection Dates

  • Initial Rapid Release version July 14, 2003
  • Latest Rapid Release version September 28, 2010 revision 054
  • Initial Daily Certified version July 14, 2003
  • Latest Daily Certified version September 28, 2010 revision 036
  • Initial Weekly Certified release date July 16, 2003
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.
Writeup By: Sergei Shevchenko

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
2016 Internet Security Threat Report, Volume 21
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube