[pcductape] Witty attacks your firewall and destroys your data

  • From: "Pam" <ltf01@xxxxxxxxxx>
  • To: "pcductape" <pcductape@xxxxxxxxxxxxx>
  • Date: Mon, 22 Mar 2004 09:19:33 -0600

This from an anti virus group I belong to.


Witty attacks your firewall and destroys your data
By Thomas C Greene in Washington
Posted: 21/03/2004 at 21:39 GMT

A new worm that, ironically, makes sport of Win-32
systems defended by BlackIce and RealSecure firewall
products from Internet Security Systems (ISS) began
circulating Saturday.

The worm, dubbed 'witty,' is memory-resident only and
propagates via UDP port 4000, and possibly others.
While occupied with reproducing itself, it overwrites
data on the local hard disk(s), and can render a
machine un-bootable if it corrupts the master boot
record or partition table, or file allocation tables.

The worm is exceptionally vicious by current
standards and implies the presence of a highly
motivated spoil-sport, such as a disgtruntled former
employee, an envious competitor, or a monumentally
dissatisfied customer. Or it could just be a cool bit
of retro coding.

Read more here:
© The Register.

To unsubscribe from this list send an email to
pcductape-request@xxxxxxxxxxxxx with 'unsubscribe' in the Subject field
OR by logging into the Web interface.  

To view the message archives simply go to: 
Take a look at our homepage at http://pcductape.freewebpage.org/

Other related posts: