Origins: Novarg is a mass-mailing worm that affects only
It enters its victims' computers as an attachment bearing a file extension of .bat, .cmd, .exe, .pif, .scr, or .zip. Once in place, the worm creates a "backdoor" into infected systems by opening TCP ports 3127 thru 3198. That backdoor can potentially give an attacker the ability to use the subjugated computer to gain access to its network resources. If that's not bad enough, the backdoor has the ability to download and execute arbitrary files.
Novarg is programmed to let loose a denial of service attack against www.sco.com, the web site of the
- Mail Delivery
- System Mail
- Mail Transaction Failed
- Server Report
- The message contains Unicode characters and has been sent as a binary attachment.
- The message cannot be represented in 7-bit ASCII encoding and has been sent as a binary attachment.
- Mail transaction failed. Partial message is available.
| W32.Novarg.A@mm |
| MyDoom |
| MyDoom |
Legon, Jeordan. "Experts: Vicious Worm 'Linux War' Weapon." CNN. 27 January 2004.