Newsletters   Subscriptions  Forums  Store  Media Kit  About Us  Contact  Search   Home 
fhg
Volume 4, Number 5 -- February 18, 2004

OS/400 Alert: Virus Targets AIM


by Shannon O'Donnell

Do you use the AOL Instant Messenger program to communicate with your friends and coworkers? If you do, you might become the recipient of a new virus that's spread through the program. In this issue of "OS/400 Alert," I'll give you the lowdown on this sneaky new virus. I'll also tell you about several other viruses and updates that you should be aware of.

AIM BECOMES TARGET OF SNEAKY VIRUS

If you use AOL Instant Messenger, you may become the target of new virus-like software attacking AIM users. I say virus-like because it is not truly a virus. Virus software is software that is installed on your computer, without your consent, and acts in a malicious or unwanted manner. You must download this new virus yourself after agreeing to its terms of service.

The virus software is sent through an AIM message, seemingly from a friend on your buddy list, which has a link to a new Osama bin Laden game. Since the message comes from someone you think you know, you may click the link and download the software. To make things worse, you actually have to agree to the rules of the virus software before you can download it. But since most people never read the legal mumbo jumbo when downloading software, you may not realize what kind of trouble you've gotten yourself into until the virus software has been downloaded and installed.

What can you do to protect yourself from viruses like this? First, never download anything until you read all of the requirements and agreements that come with the software. If you don't like what it says, don't download it. Second, don't click any link sent from an AIM buddy unless you first verify that your buddy actually sent it. And, finally, always keep an up-to-date version of antivirus software, such as Norton Anti-Virus or McAffee Anti-Virus. Both of these packages will catch such viruses and prevent you from installing, running, and spreading them.

IBM'S RECOMMENDED FIX OF THE WEEK

A recommended fix is available this week for V5R2 Management Central.

There's a recommended fix available for OS/400 Save and Restore.

There are recommended fixes available for BRMS.

There are recommended fixes available for AS/400 performance.

THIS WEEK'S NASTY WINDOWS WORRIES

W32.Welchia.C.Worm appears to be helping you, by downloading a couple of security patches from Microsoft. The worm then attempts to delete the MyDoom virus. What you don't see happening is all the damage going on in the background.

VBS.Laske@mm is a mass-mailing virus that attempts to delete all content from drives A through P.

W32.Doomhunter is a worm that attempts to spread to machines infected with variants of W32.Mydoom@mm.

W32.HLLW.Deadhat.B is a variation of the W32.HLLW.Deadhat worm that gives hackers backdoor capability to your system. This virus spreads through the SoulSeek file-sharing program.

X97M.Esab is a simple macro virus that creates the 0Killbase.xls file in the Microsoft Excel startup folder. It infects other Excel workbooks when they are saved.

W32.HLLW.Doomjuice.B uses computers infected by W32.Mydoom.A@mm in order to spread. This worm also launches a denial-of-service attack on Microsoft's Web site.

W32.Dumaru.AH@mm is a multi-threaded, mass-mailing worm that opens a backdoor, runs a keylogger, and attempts to steal personal information. The worm uses its own SMTP engine to spread to e-mail addresses it finds in the files on an infected system.

VBS.Bootconf.B is a Trojan horse that modifies Internet Explorer settings, redirects Web sites (such as Google, Yahoo, and MSN) to a different search page, and may pop up browser windows to a pornographic Web site.

W32.Kifer is a Trojan horse that drops BAT.Snoital@mm, which will attempt to delete antivirus software from your computer. It also spreads through MAPI-enabled e-mail clients, such as Microsoft Outlook, and IRC.

PTF'S AND FIXES FOR OS/400 AND RELATED PROGRAMS

The latest cumulative package for V5R2 customers was released on January 21.

The latest HIPER package was released on January 20.

The Database Group PTF was updated on January 26.

Sponsored By
DAMON TECHNOLOGIES

RSP is the Evolution of RPG

RSP (RPG Server Pages) is the best way to develop Web applications with RPG.

· Developers use their existing RPG skills.
· More robust than CGI with greater flexibility and speed.
· RSP is not just visual development. It is an application server built specifically for the iSeries.
· Full debug capabilities.
· Session Handling with a built in garbage collector.
· Use WDSc to develop your web content.
· Priced Right.

With RSP, Web content is developed with the Ease, Speed, and Reliability of RPG.

In today's fast paced business world, there is not enough time or resources to convert RPG developers into Java developers. The logical step to bring your business critical applications to the Web is with RSP. RSP gives the developer the tools necessary to create fast and reliable Web applications.

Download your free copy of RSP today!

www.damontech.com
Evolve
Editors: Howard Arner, Joe Hertvik, Ted Holt,
Shannon O'Donnell, Kevin Vandever
Managing Editor: Shannon Pastore
Contributing Editors: Raymond Everhart, G. Wayne Hawks,
Marc Logemann, David Morris
Publisher and Advertising Director: Jenny Thomas
Advertising Sales Representative: Kim Reed
Contact the Editors: To contact anyone on the IT Jungle Team
Go to our contacts page and send us a message.

THIS ISSUE
SPONSORED BY:

Guild Companies
Client Server Development
COMMON
iTera
Damon Technologies


BACK ISSUES

TABLE OF
CONTENTS
iSeries Navigator: A World of Wizards

A Super Way to Display a Date

Short Circuit Evaluation

Admin Alert: Creating a Private Subsystem

OS/400 Alert: Virus Targets AIM



Copyright © 1996-2008 Guild Companies, Inc. All Rights Reserved.
Guild Companies, 50 Park Terrace East, Suite 8F, New York, NY 10034
Privacy Statement