Results 1 to 8 of 8
  1. #1
    Gold Lounger
    Join Date
    Feb 2003
    Location
    Wardrobe Malfunction Junction, Derry
    Posts
    2,953
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Porn Spam & Best Way to Update Norton Antivirus

    There has been a lot of publicity on an innovative way to send Porn Spam and this brings up an example of why and how to update your definitions. Backdoor.migmaf is a backdoor Trojan that porn spammers have been using to allow a remote user to host undesirable web sites on a victim's computer without being detected and shut down by the IP Provider. The virus acts as a reverse proxy web server on the victim computer. All antiviral companies have or will soon have removal detection tools for it. Migmaf, written in Visual C++, packed with tElock v0.98, creates a mutex, and adds a value to your registry key
    HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentV ersionRun

    It checks your keyboard to see if it's Russian, and exits if it is.

    Backdoor.Migmaf Shows How To Update Norton's Definitions:

    Symantec Security Response on Migmaf
    Note that protection/detection is delivered two ways: If you manually went to Intelligent Updaterat the near daily intelligent updater you would have gotten protection in the definition Monday July 14. If you wait for Live Update, you would get it on Wednesday July 16 two days later. If you were targeted successfully before the weekly update, you would have a good reason to start checking manually every day.

    I use Norton, so I don't keep track of how it's done with the array of equally good other choices for viral protection that are out there.

    SMBP

  2. #2
    Super Moderator jscher2000's Avatar
    Join Date
    Feb 2001
    Location
    Silicon Valley, USA
    Posts
    23,112
    Thanks
    5
    Thanked 93 Times in 89 Posts

    Re: Porn Spam & Best Way to Update Norton Antivirus

    Here is Trend Micro's write-up: Virus Encyclopedia > TROJ_MIGMAF.A.

    Is it possible for this thing to override a firewall? I wonder what happens if the trojan sets itself up to listen on port 80 but ZoneAlarm (for example) is set up to drop packets on port 80? Who wins?

  3. #3
    Uranium Lounger
    Join Date
    Dec 2000
    Location
    Los Angeles Area, California, USA
    Posts
    7,453
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Porn Spam & Best Way to Update Norton Antiviru

    Thanks for this information. I went to the Intelligent Updater site, but it seems that it's only for later versions. I still have NAV 5.00.26 (although Help about still says 4.04, and my updates are free. Looks like I'll have to be careful until Wednesday. <img src=/S/grin.gif border=0 alt=grin width=15 height=15>

  4. #4
    Gold Lounger
    Join Date
    Feb 2003
    Location
    Wardrobe Malfunction Junction, Derry
    Posts
    2,953
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Porn Spam & Best Way to Update Norton Antivirus

    I'll have to research this one, but some of the blended threats as you know can penetrate fire walls. and their ports. I heard a talk on this much more interesting than I though a virus talk could be from Symantec at a Comdex-Interop and blended threats that can get through firewalls are among the biggest worries these days.

    SMBP

  5. #5
    Super Moderator jscher2000's Avatar
    Join Date
    Feb 2001
    Location
    Silicon Valley, USA
    Posts
    23,112
    Thanks
    5
    Thanked 93 Times in 89 Posts

    Re: Porn Spam & Best Way to Update Norton Antivirus

    <P ID="edit" class=small>(Edited by jscher2000 on 15-Jul-03 20:20. Yup, you need to create a login to access the archived recording.)</P>I heard a webcast last month entitled The Coming Super Worms. Quite disturbing. Register for the webcast to get access to the archive.

    Maybe we should submit the question to the ZoneAlarm people for an answer.

  6. #6
    Gold Lounger
    Join Date
    Feb 2003
    Location
    Wardrobe Malfunction Junction, Derry
    Posts
    2,953
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Porn Spam & Best Way to Update Norton Antivirus

    Yes. It's a good question and thanks for the link.

    SMBP

  7. #7
    Gold Lounger
    Join Date
    Feb 2003
    Location
    Wardrobe Malfunction Junction, Derry
    Posts
    2,953
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Porn Spam & Best Way to Update Norton Antivirus

    In addition to blended threats and Superworms, there is the epidemic of "we don't have no security--what is it--isn't WAP good enough?" growing exponentially. In one demonstration, Microsoft was able to export locations to MapPoint of the majority of downtown law office machines in a large city running no protection because they were using wireless notebooks and or tablets/pdas and using WAP and not running them to the servers to a WEP or VPN setup. Few doctors seem who are fond of wireless notebooks, tablets, or PDAs seem to be aware of tying to WEP or VPN and the so-called confidential info from these medical or law offices is out there for the picking of anyone who drives by. Right now the person monitoring has violated any laws, but HIPPA requirements haven't been met.

    It's going to get worse as people understand the need to build out WIFI since on the user end 80211B>A>G is a chuggin' but on the build out end only around 15% of the infrastructure of the U.S. is up--far behind Europe. And Microsoft has been easy pickings as well:

    Trojan Horses Meet the Home Office.

    Wireless connections are going to become ubiquitous as they should and devices that point and grab information will also. Concomittantly for a good while it will become easier and easier with the rise in telecommuting, wireless devices and abysmally poor encryption hygeine to for information to be poached and identities to be stolen, and there will be some huge case examples of information leaks. People using the devices are so busy trying to get the technology down that they are forgetting to protect their information. The trojans, and superworms are going to get considerably more sophisticated and damaging.

    SMBP

  8. #8
    Gold Lounger
    Join Date
    Feb 2003
    Location
    Wardrobe Malfunction Junction, Derry
    Posts
    2,953
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Porn Spam & Best Way to Update Norton Antivirus


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •