Sign in to follow this  
Cactus521

Virus Warning: matrix.morpheuz.D

Recommended Posts

egh. Another one. I just got over a virus too :(--------------------------------------Matrix.morpheuz.D Discovered on: April 30, 2003 Matrix.morpheuz.D uses a random TCP port to connect to the IRC server of the hacker's choice. Major targets are backbone servers, with the objective of spreading through all ISPs below the backbone. Infection comes through any connection to an infected server. This virus has various forms, some of which allow the hacker to take control of system services and others capable of destroying or corrupting data. The virus utilizes a new technology called Variable Automated Coding, or VAC for short. The newly infected client machine randomly changes the virus' coding with each succesive infection. The unique virus is then sent to another machine, and so on and so forth. With this random style of creation, the virus may be completely harmless, but if the same machine tries to connect to an infected computer again, it might get a more potent, potentially unrecoverable strand. Type: Polymorphic virus Infection Length: 31,232 bytes Systems Affected: Windows 95, Windows 98, Windows NT, Windows 2000, Windows XP, Windows Me, Systems Not Affected: Macintosh, OS/2, UNIX, Linux virus Definitions (Intelligent Updater) * No definition at this time. virus Definitions (LiveUpdate

Share this post


Link to post
Share on other sites
Help AVSIM continue to serve you!
Please donate today!

Yep....These are released every day, one warning after the next.... They are often the topic of my weekly IT meetings, especially those like this that target servers. Just a suggestion though--next time, post a link. Pasting text verbatim from Symantec's website is a violation of their copyright...-John

Share this post


Link to post
Share on other sites

Thanks. I'm just so mad though, because I just got over a virus last week (ie No sleep :-mad)This one bothers me because it's not supposed to activate until May 15, so how does one know if he has it?

Share this post


Link to post
Share on other sites

"This one bothers me because it's not supposed to activate until May 15, so how does one know if he has it?"I always check for new services, processes, and run entries in the registry. So many of these viruses install themselves so in one way or another, their process launches at bootup. The real nasty ones are the ones that modify Windows core dll's and exe's. You don't see as many of those, as it takes a bit more programming skills than 90 pct. of the ones coded by "script kiddies"...I actually consider the worst period of virus outbreaks that of the mid-90's, as we had far more in the way of boot sector viruses then. They did not spread as rapidly, since they used floppies as a primary means of spreading, But they were very destructive.-John

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this