Virus

W32/MyTob.DG@mm

Analysis

This variant of MyTob is very similar to existing variants in that it is coded using Visual C, and contains instructions to spread to other systems using these methods -

  • SMTP email
  • networked systems
  • RPC exploit [MS04-011]

Recommended Action


    FortiGate systems:
  • check the main screen using the web interface to ensure the latest AV/NIDS database has been downloaded and installed -- if required, enable the "Allow Push Update" option