{"id":2975,"date":"2004-01-29T14:37:42","date_gmt":"2004-01-29T13:37:42","guid":{"rendered":"https:\/\/destinationcyber.com\/?p=2975"},"modified":"2004-01-29T14:37:42","modified_gmt":"2004-01-29T13:37:42","slug":"virus-mydoom-une-nouvelle-variante-plus-vicieuse","status":"publish","type":"post","link":"https:\/\/destinationcyber.com\/?p=2975","title":{"rendered":"Virus Mydoom: une nouvelle variante, plus vicieuse"},"content":{"rendered":"

La variante emp\u00eache d’acc\u00e9der aux principaux \u00e9diteurs d’anti-virus pour mettre \u00e0 jour son dispositif de protection et s’attaque \u00e9galement \u00e0 Microsoft… <\/p>\n

En 72 heures de s\u00e9vices, Mydoom a \u00e9t\u00e9 reconnu comme le vers e-mail le plus virulent qui a jamais exist\u00e9.<\/p>\n

Or, le 27 janvier au soir, une nouvelle variante a \u00e9t\u00e9 annonc\u00e9e dans les forums de s\u00e9curit\u00e9 cr\u00e9dibles. Trend Micro a pu l’identifier.
\nIl s’agit, l\u00e0 encore, d’un vers de type \u00ab\u00a0mass-mailing\u00a0\u00bb qui se diffuse
\nau travers du carnet d’adresses en usurpant de vrais utilisateurs.
\nLe vers continue de se propaser via le ‘peer-to-peer’ de Kasaa et dispose toujours d’une porte arri\u00e8re (\u00ab\u00a0back-door\u00a0\u00bb) sur le port TCP 3127.<\/p>\n

Mais cette deuxi\u00e8me variante s’av\u00e8re plus nocive: elle interdit \u00e0 l’h\u00f4te infect\u00e9 de se mettre \u00e0 jour aupr\u00e8s des diff\u00e9rents \u00e9diteurs d’antivirus en \u00e9crasant le fichier HOSTS local et en rendant impossible les connexions vers une longue de sites (lire ci-apr\u00e8s) o\u00f9 figurent les plus usit\u00e9s: ca.com, download.mcafee.com, f-secure.com, ssophos.com, go.microsoft.com, networkassociates.com, symantec.com,
\nwww.kaspersky.ru, www.trendmicro.com…<\/p>\n

Par ailleurs, cette nouvelle version du ver est programm\u00e9e pour s’attaquer \u00e0 Microsoft, dont le site fera lui aussi l’objet d’une attaque par d\u00e9ni de service \u00e0 partir du 1er f\u00e9vrier, tout comme celui de SCO.<\/p>\n

[source – Silicon.fr] 
\nNorman Girard, vulnerabilite.com (c) <\/p>\n","protected":false},"excerpt":{"rendered":"

La variante emp\u00eache d’acc\u00e9der aux principaux \u00e9diteurs d’anti-virus pour mettre \u00e0 jour son dispositif de protection et s’attaque \u00e9galement \u00e0 Microsoft… <\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_citadela_custom_class":"","footnotes":""},"categories":[15],"tags":[],"class_list":["post-2975","post","type-post","status-publish","format-standard","hentry","category-securite"],"_links":{"self":[{"href":"https:\/\/destinationcyber.com\/index.php?rest_route=\/wp\/v2\/posts\/2975","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/destinationcyber.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/destinationcyber.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/destinationcyber.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/destinationcyber.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2975"}],"version-history":[{"count":0,"href":"https:\/\/destinationcyber.com\/index.php?rest_route=\/wp\/v2\/posts\/2975\/revisions"}],"wp:attachment":[{"href":"https:\/\/destinationcyber.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2975"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/destinationcyber.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2975"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/destinationcyber.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2975"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}