MiMail Email Worm Spread Fast

August 2003

Worm/MiMail.A is a mass-mailing internet worm that circulated rapidly worldwide. The worm attempts to use an exploit in Microsoft Internet Explorer that allows a created executable virus to run on the local computer.

The internet worm spreads through email by using addresses it collects from local files on compromised clients. It arrives with a zip file attachment called 'message.zip', which contains the file 'message.html'.

Using the noted security exploit within Internet Explorer, 'message.html' will produce an executable file and run it.

An alert from antivirus company Panda Software said: "It's a malicious code with fast email spreading capability. In order to spread itself the worm uses two Internet Explorer vulnerabilities that Microsoft released patches for some time ago."

The worm arrives through email in the following format:

Subject: your account [account info]

Body: Hello there, I would like to inform you about important information regarding your email address. This email address will be expiring. Please read attachment for details.

Best regards, Administrator
Attachment: message.zip

A patch from Microsoft is available, please visit http://www.microsoft.com/security for more information.

Source...

 

With Dionach you get:

• An efficient, friendly and flexible service
• To talk directly to the experts
• Straightforward assessment reports that get to the point
• Complete confidentiality and utmost discretion