Factbites
Where results make sense
About us   |   Why use us?   |   Reviews   |   PR   |   Contact us  

Topic: Doomjuice


Related Topics
La Presa, California
Cow tipping
CVV2
Nile Rodgers
Pierre Berton
Royal Institute of British Architects
500 home run club
British Dietetic Association
Hydrochlorofluorocarbon

In the News (Sun 27 Dec 09)
Northern Trust
Marvin Harrison
Peter Chernin
Gary Locke
Match Play
Penelope Cruz
Mickey Rourke
AR Rahman
Danny Boyle
Hugh Jackman

  
  F-Secure Computer Virus Information Pages: Doomjuice
Doomjuice worm, also known as Mydoom.C, was found on February 9th, 2004.
Doomjuice spreads between computers that are already infected with the Mydoom.A worm.
One of Doomjuice's payloads is that it drops the source code of Mydoom.A in a bzip2 compressed TAR archive.
www.f-secure.com /v-descs/doomjuice.shtml   (273 words)

  
 SignOnSanDiego.com > News > Technology -- New 'Doomjuice' worm emerges, targets Microsoft
Doomjuice, which some are describing as a variant of the MyDoom worm, spreads via e-mail systems already infected with the first version, which became the fastest-spreading virus ever when it was unleashed on the Internet at the end of January.
Because Doomjuice spreads directly between infected computers, rather than via e-mail, experts said that it would not be accurate to call it a variant of MyDoom, which accounted for as many as one in five e-mails at its peak in late January.
Doomjuice, which experts said was most likely created by the same author as MyDoom, is designed to flood Microsoft's web site for request for data in an effort to bring it down, an attack known as a distributed denial of service.
www.signonsandiego.com /news/computing/20040209-1442-tech-worm.html   (477 words)

  
 Boston.com / Business / Technology / 'Mydoom' creators start up 'Doomjuice'   (Site not responding. Last check: 2007-10-24)
Finnish computer security experts warned Tuesday of a new worm, known as "Doomjuice," that is expected to attack computers infected by "Mydoom," despite the fact it's programmed to stop spreading later this week.
Doomjuice drops the original source code of the Mydoom.A worm in an archive to folders on infected computers.
Doomjuice's ability to spread is limited because it will only attack computers infected by Mydoom, Hypponen said.
www.boston.com /business/technology/articles/2004/02/10/mydoom_creators_start_up_doomjuice   (455 words)

  
 G4 - Feature - Microsoft's Critical Problems   (Site not responding. Last check: 2007-10-24)
A new variant of the MyDoom.a virus, dubbed Doomjuice, is targeting machines still infected with the original MyDoom worm.
Antivirus experts fear Doomjuice may spread to the roughly 75,000 machines believed to be infected with the original MyDoom, the majority of which are most likely home machines.
Doomjuice attempts to connect to TCP port 3127, so blocking that port can thwart possible infection.
www.g4tv.com /techtvvault/features/47141/Microsofts_Critical_Problems.html   (705 words)

  
 Son of MyDoom Stalks Microsoft - Viruses & Worms - Enterprise Security Today
Doomjuice appears to be targeting Microsoft, as did MyDoom.B. Security firm F-Secure reported that Microsoft's Web site experienced a disruption in service on Monday as a result.
"Doomjuice delivers the source code of the original worm to the infected computer, which is almost never done.
But since Doomjuice is implanting the original source code on infected hard drives, it will be much harder for the authorities to convict the virus writer or writers, Magallanez says.
www.enterprise-security-today.com /perl/story/23159.html   (708 words)

  
 Doomjuice Alert
Doomjuice, the new MyDoom variant also known as MyDoom c, does not spread by e-mail.
Doomjuice, however, has no kill date like the one that was found in MyDoom.
Doomjuice will continue its Microsoft attacks until the virus is eliminated from all computers.
www.compukiss.com /populartopics/computercenterhtm/article1108.htm   (299 words)

  
 Latest MyDoom Variant, DoomJuice, Attacks - e Security Guy
DoomJuice is a worm which looks for infected systems and then uses the MyDoom backdoors on those systems to help infect other systems.
DoomJuice is not expected to be as great a problem as the MyDoom Viruses as it can only spread if it is able to find previously infected machines.
In order to find those machines, DoomJuice scans random machines on the Internet to see if they are infected.
www.esecurityguy.com /doomjuice_attacks   (278 words)

  
 Doomjuice unleashed on the Internet
Doomjuice does not spread over email at all.
Doomjuice drops the original source code of the Mydoom.A worm in an archive to several folders of infected computers.
Before the Doomjuice incident, only the authors of Mydoom.A had the original source code.
www.sanjuanislander.com /technology/problems/worm.shtml   (350 words)

  
 Look out for 'DoomJuice,' a Follow-Up to MyDoom
DoomJuice exploits these ports by dropping a copy of the MyDoom source code to establish its credentials, then setting up the PC for use as a server in a denial-of-service attack against Microsoft.
The emergence of DoomJuice confirms Gartner's recent judgment that the MyDoom worm aimed to enable future malicious-code attacks.
MyDoom and DoomJuice are both sophisticated, well-engineered attacks, but they seem to represent little more than Internet vandalism.
www.gartner.com /DisplayDocument?doc_cd=119668   (540 words)

  
 Doomjuice, Deadhat feed on MyDoom infections: ZDNet Australia: News: Security
The two opportunistic programs--dubbed Doomjuice and Deadhat--threatened only those users still infected with a version of the MyDoom virus, and didn't pose a major problem for businesses, which had previously cleaned systems infected with the virus, the companies said.
Doomjuice, whose spread has been moderate, attempts to direct any re-infected PC to attack Microsoft's Web site, Gullotto said.
Doomjuice, which scans for PCs infected with MyDoom, has spread to enough computers that customers have submitted samples to Network Associates' Gullotto.
www.zdnet.com.au /news/security/0,2000061744,39116051,00.htm   (782 words)

  
 W32.HLLW.Doomjuice aka W32/Doomjuice.Worm.a Characteristics and Removal instructions
Doomjuice worm copies to Windows System folder as intrenat.exe and modifies the registry RUN section to load automatically.
Doomjuice worm contains a payload to perform distributed denial-of-service attack on microsoft.com server.
Solo has incorporated Doomjuice in its signature file to protect users from this worm attack.
www.srnmicro.com /virusinfo/doomjuice.htm   (188 words)

  
 Doomjuice variant ups the ante in MS attack | The Register
A new version of the Doomjuice worm has been released into the wild in an apparent effort by hackers to modify an attack against Microsoft's Web site.
TDoomJuice-B is smaller in size than DoomJuice-A because it does not drop the source code of MyDoom-A. AV vendor F-Secure reckons DoomJuice-B is slightly more virulent than its predecessor.
Netcraft estimates the scope of the "zombie" network potentially commanded by DoomJuice-B is likely to be smaller than the original pool of MyDoom-compromised machines which has kept www.sco.com offline with a DDoS attack since the start of February.
www.theregister.co.uk /2004/02/11/doomjuice_variant_ups_the_ante   (301 words)

  
 Netcraft: DoomJuice.B Refines DDoS Attack Against Microsoft
A new version of the DoomJuice worm seeks to launch a more effective denial of service attack on Microsoft's web site tomorrow, according to F-Secure.
The army of "zombie" computers potentially commanded by DoomJuice.B is likely be smaller than the original pool of MyDoom.A-compromised machines that have kept the the SCO website offline since Feb. 1 with a DDoS attack.
DoomJuice uses a backdoor left open by MyDoom.A to propagate itself, foregoing efforts to spread through e-mail and peer-to-peer file sharing networks.
news.netcraft.com /archives/2004/02/11/doomjuiceb_refines_ddos_attack_against_microsoft.html   (289 words)

  
 E-Commerce News: Security: Doomjuice Worm Puts New Squeeze on IT
To locate machines that have the backdoor, Doomjuice scans random IP addresses and attempts to connect to port 3127.
First, Doomjuice spreads to computers infected with the MyDoom worm, entering through a previously established backdoor.
Doomjuice's immediate impact may be less severe than that of MyDoom because most people cleaned MyDoom off their computer.
www.ecommercetimes.com /perl/story/32813.html   (851 words)

  
 MyDoom's DoomJuice Virus Hits Web
The third version of MyDoom, Mydoom.C or Doomjuice as it is popularly known, emerged on the Internet on Monday.
MyDoom's DoomJuice targeted Microsoft's Web site, slowing down the software maker's home page, but not resulting in the Deny of Service message that its creators were hoping for.
The latest and the newest variety in the parade, DoomJuice targets only those PCs, which have been affected with its earlier variants.
www.webadvantage.net /tip_archive.cfm?tip_id=393&&a=1   (506 words)

  
 CXOtoday.com > News > Security > New 'Juiced' Up Worm Spells Relapse Of Doom Era
A new network worm known as Doomjuice, which is closely associated with the previous Mydoom variants, was detected yesterday.
Doomjuice has launched a worldwide Denial of Service (DoS) attack against www.microsoft.com - one of the largest websites in the world.
According to Mikko Hypponen, director of anti-virus research at F-Secure, "This proves to us that Doomjuice and Mydoom.A are written by the same people.
www.cxotoday.com /cxo/jsp/index.jsp?section=News&file=template0.jsp&subsection=Security&subsection_code=2&storyid=622   (651 words)

  
 Doomjuice Saga Continues
It propagates using the same methods as the original Doomjuice: both worms scan the Internet for computers infected either by Mydoom.a or Mydoom.b.
Doomjuice uses port 3127, breached earlier by Mydoom, to install copies of itself, which the Trojan component of Mydoom then launches.
The DoS attack will be launched in any month of any year except January, excluding dates between the 8th and 12th of the month.
www.kaspersky.com /news.html?id=3965522   (275 words)

  
 Mydoom, Zindos, and Doomjuice Worm Removal Tool   (Site not responding. Last check: 2007-10-24)
Microsoft has released a tool to remove Mydoom, Zindos, and Doomjuice worm variants and associated back door components from computers that are running any products that are listed in the "Applies to" section.
Detect or remove malicious programs, except for Zindos.A and Doomjuice variants A and B, that are on your computer because of the back door components that are created by Mydoom variants.
However, if a Mydoom, Zindos, or Doomjuice worm infected your computer before an up-to-date antivirus program was installed, and scheduled (or background) virus scanning is disabled, your antivirus program might not detect the worm until the Microsoft Mydoom Worm Removal Tool tries to remove the worm.
support.microsoft.com /default.aspx?scid=kb;en-us;836528   (3909 words)

  
 Creators of "Mydoom" worm unleash "Doomjuice"
Finnish computer security experts warned Tuesday of a new worm, known as "Doomjuice," that is expected to attack computers infected by "Mydoom."
The virus, first detected by Helsinki-based company F-Secure on Monday night, has so far infected at least 30,000 computers worldwide since it was activated Sunday, said the company's director of antivirus research, Mikko Hypponen.
Although Mydoom is programmed to stop spreading on Feb. 12, Doomjuice could run forever, he warned.
www.securityfocus.com /news/7999   (361 words)

  
 MyDoom author may be covering tracks | Tech News on ZDNet
The worm, Doomjuice, spreads to computers that have already been infected by either the original MyDoom virus or the MyDoom.B variant, and among other actions, places several copies of the source code for MyDoom.A on a victim's computer.
Doomjuice is one of two opportunistic programs--the other dubbed Deadhat--that started spreading this week.
Doomjuice's possession of the source code for the original MyDoom virus suggests that the creator of the worm is also the writer of the original virus.
zdnet.com.com /2100-1104_2-5156836.html   (578 words)

  
 E-Commerce News: Security: Doomjuice.B Variant Builds on MyDoom Mayhem
02/12/04 7:36 AM PT Doomjuice and Deadhat are the first reported opportunistic worms, but they will not be the last.
Network Associates has estimated only about 50,000 to 75,000 machines are still infected, so any Doomjuice attack would be on a much smaller scale than the MyDoom debacle.
Doomjuice and Deadhat are the first reported opportunistic worms, but they will not be the last.
www.ecommercetimes.com /story/32842.html   (766 words)

  
 Remove Doomjuice.A Worm, Delete intrenat.exe, Gremlin
Doomjuice worm uses computers infected by Mydoom or Mydoom.B to spread.
If Panda Antivirus detects Doomjuice during the scan, it will AUTOMATICALLY offer you the option of deleting it.
Start your Panda Titanium Antivirus 2005 or Platinum Internet Security 2005 and make sure that it is configured to scan all the files.
www.securemost.com /articles/trou_5_doomjuice.htm   (614 words)

  
 TCP Port 3127
Used by the myDoom/Novarg virus as a backdoor port.
DoomJuice, Welchia, and Deadhat have appeared as the first widely spread worms to take advantage of this back door, but port 3127 has become one of the favourite infection vectors of an endless parade of Agobot and other malware.
Outbound scans especially if occurring in volume should be considered an indication of a possible infection or compromise on the source computer and should be investigated immediately.
www.linklogger.com /TCP3127.htm   (189 words)

  
 IET What's New: Filter for Doomjuice Traffic   (Site not responding. Last check: 2007-10-24)
The computer now infected by both MyDoom and Doomjuice then seeks to spread the exploit to yet other computers and also launch a denial of service attack against the Microsoft Corporation web site.
In order to minimize the spread of this new exploit and control the denial of service attack, filters have been implemented at the campus border, modem pools, and wireless to terminate inbound and outbound traffic conducted using TCP3127-3198 services.
We are running the latest anti-virus update for the campus email servers and will be checking throughout the day for the availability of the next update release.
security.ucdavis.edu /print.cfm?id=670   (219 words)

  
 I.T. Vibe - DoomJuice virus targets microsoft.com   (Site not responding. Last check: 2007-10-24)
DoomJuice is a worm which spreads by exploiting a backdoor installed by MyDoom.
The DoomJuice virus will then attempt to contact computers infected with MyDoom.
If successful, DoomJuice will copy itself to that machine.
itvibe.com /news/1257   (313 words)

  
 Geek.com Geek News - Doomjuice worm going after Microsoft website
A new worm called Doomjuice has made its debut on the Web, targeting Microsoft's website.
Doomjuice spreads by randomly generating and trying to connect to IP addresses.
I get the feeling that whoever wrote the original MyDoom has a plan, and this Doomjuice thing is actually Phase 3 or something....
www.geek.com /news/geeknews/2004Feb/wge20040210023806.htm   (2521 words)

  
 USATODAY.com - New Doomjuice worm emerges, targets Microsoft   (Site not responding. Last check: 2007-10-24)
SEATTLE — A new worm dubbed "Doomjuice" targeting Microsoft's Web site emerged on the Internet Monday, which security experts said slowed parts of the software maker's home page.
He said it was not spreading as rapidly as the initial MyDoom worms.
The worms then instructed infected PCs to flood the Web sites of the SCO Group and Microsoft in an effort to shut them down.
www.usatoday.com /tech/news/computersecurity/2004-02-10-doomjuice_x.htm   (474 words)

  
 MyDoom Sneaks Doomjuice through the 'Back Door'
Doomjuice forgoes the email route and invades Windows systems by slipping through a backdoor established by both flavors of MyDoom, which propped open PCs via TCP/IP port 3127.
Network Associates' McAfee division categorizes Doomjuice as a low-level threat, due to the widespread efforts PC users and IT departments have taken to wipe MyDoom from infected systems and, as a result, any damage its backdoor could have triggered.
As far as detecting Doomjuice goes, the company says that the presence of sync-src-1.00.tbz and intrenat.exe is a dead giveaway.
www.enterpriseitplanet.com /security/news/article.php/3311071   (648 words)

Try your search on: Qwika (all wikis)

Factbites
  About us   |   Why use us?   |   Reviews   |   Press   |   Contact us  
Copyright © 2005-2007 www.factbites.com Usage implies agreement with terms.