Sat, 10 Dec 1994 00:40:06 EST
|
Sorry for the crossposting, but..
I've spotted yet another worm - this time it's called 'EMPIRE EXEC'.
Seems to be in Portugese - I got mine from a person in Brazil. It uses
the usual 'read the names file one line at a time' code we've seen before,
but after it ships itself all over, it then does the following:
PUR RDR ALL
ERASE * EXEC A
ERASE * NOTEBOOK A
ERASE * NAMES A
As such, it's more destructive than previous ones we've seen - everybody
should add this one to their seleective file filter lists as soon as possible
and check your systems for any copies that already got loose.
(Editorial note - I'm really not thrilled about being the world leader in
spotting Bitnet worms. I'm not. Really.)
Those who wish copies for study should contact me directly - and don't ask
unless I know you in person or by reputation - the 'hacquer lamerz' can forget
it. ;)
Valdis Kletnieks
Computer Systems Engineer
Virginia Polytechnic Institute
|
|
|