Home  |Philosophy | ICT Services | Services | Enquiries| About Us


Search          
Article Finder          
Sign up  
Download                    
Team          
Links          

 


W32/Bofra-B - YET ANOTHER WORM WARNING!
by Mike Martin
01/11/2004
 

We apologise for reporting yet another instance of a WORM or virus “in the wild” (as some anti-virus companies describe it). 

This new WORM is different from other WORM infections, in that it is not propagated by the unsuspecting user opening an attachment to an e-mail.  In this case, the e-mail contains a hyperlink to a web site and encourages the user to visit that site.  When he/she does so, it downloads computer code that silently infects that user’s system.  It then does the usual of “harvesting” any e-mail addresses that are on the computer and sends the bogus e-mail to them all.

The name given to this new breed is W32/Bofra-B.  Some anti-virus companies have stated that it is a variant of the famous “MyDoom” WORM, but others dispute that it is.  The semantics of the matter are unimportant.  To ensure that it does not infect your system, make sure of one or more of the following:

·         If you are running Windows XP, make sure that Service Pack 2 (SP2) has been installed, as this makes your system immune to this kind of infection (providing the firewall has been left activated and configured correctly).

·         You have a hardware or software firewall of another flavour installed and configured correctly.

·         Your anti-virus software is installed and the virus “signature” database within it is up to date.

·         You watch for e-mail that purports to be from PayPal (this is an Internet credit card purchase agent).  The e-mail states that it is confirmation of a US$ credit card purchase.  Unsuspecting users will obviously wish to investigate any mysterious credit card purchases and click on the link, which is what the perpetrators want).

This infection will not damage your computer as a conventional virus tends to do, it is a “mass-mailing” WORM that causes mayhem in the mail systems that it infects.

The following two links from anti-virus company Sophos, are particularly useful in explaining this latest threat:

http://www.sophos.com/virusinfo/articles/howbofrawork.html

http://www.sophos.com/virusinfo/articles/bofrab.html
 
 

We wish to acknowledge with thanks that some of the material contained within this publication has been sourced from Computer Weekly.
 
May Day Consulting Limited and your Chamber of Commerce have endeavoured to ensure the accuracy of the information contained in this publication, but do not accept liability for any inaccuracy or omission contained within it.

May Day Consulting Limited
9 Benbecula Road, Sheddocksly, Aberdeen, Scotland  B16 6FT

Tel: 01224 697457
Mob: 07817624652

www: http://www.maydayconsulting.co.uk
www: http://www.understand-it.co.uk

email: enquiries@itsmeit.co.uk
email: alan.finch@maydayconsulting.co.uk

Directors: Alan Finch (Dip Mgt Studies); Margaret Finch
Company Registered in Scotland SC230050
VAT Registered Number 813 7511 45
Registered Office: Bon-Accord House
Riverside Drive
Aberdeen AB11 7SL

Copyright © 2007 May Day Consulting Limited
Send e-mail to webmaster@broch.com with questions or comments about this web site.