W32/MyTob.DG@mm
Analysis
This variant of MyTob is very similar to existing variants: it is coded
using Visual C and contains instructions to spread to other systems using these
methods:
- SMTP email
- networked systems
- RPC exploit [MS04-011]
Recommended Action
FortiGate systems:
- Check the main screen using the web interface to
ensure the latest AV/NIDS database has been downloaded
and installed -- if required, enable the "Allow
Push Update" option
Detection Availability
Product | Availability |
---|---|
FortiClient | Extreme |
FortiMail | Extreme |
FortiSandbox | Extreme |
FortiWeb | Extreme |
Web Application Firewall | Extreme |
FortiIsolator | Extreme |
FortiDeceptor | Extreme |
FortiEDR | |