Hybris is a complex new worm

By Robert Vamosi
15 November 2000 11:13 AM
Tags: e-mail, internet, worm, virus, anti virus, scan, sic, dwarf

At least five variations exist of this complex worm that can update itself via the Internet.

Hybris (W32.Hybris) is a complex supervirus whose e-mail delivery system is similar to Happy 99 and whose programming and payload are similar to MTX. Although this worm has been known for some time, reports of Hybris are increasing worldwide. And while the worm currently contains a relatively harmless payload, Hybris has the capability to upgrade itself via the Internet and therefore could become dangerous. At least five distinct variations of Hybris have been reported by anti-virus software companies so far.

How It Works
Hybris arrives via e-mail with the following characteristics:

From: Hahaha hahaha@sexyfun.net

Subject: Snowhite and the seven Dwarfs - The REAL Story!

Attachment: a variable file name ending with .exe or .scr, most commonly dwarf4you.exe

Body text: "Today, Snowhite was turning 18. The 7 Dwarfs always where very educated and polite with Snowhite. When they go out work at mornign (sic), they promissed (sic) a *huge* surprise. Snowhite was anxious. Suddlently (sic), the door open, and the Seven Dwarfs enter..."

A user clicking on the above attachment will load the worm. Hybris scans the system for e-mail addresses to send itself out over the Internet via e-mail. Hybris also inflects WSOCK32.DLL, renaming it and redirecting Windows.INI to point to the new, infected file. Thereafter, Hybris will send itself via reply mail to whomever sends new e-mails to an infected computer. Hybris is also savvy enough to establish its own Internet connections for the purpose of upgrading itself. What is notable about this worm is that is contains up to 32 Internet components, and can execute them as needed. At the moment, the components sent with Hybris are relatively harmless, however, the potential for new and more dangerous upgrades does exist.

Removal Instructions
Infected users should download the latest anti-virus signature files. Afterward, users will still need to restore a copy of WSOCK32.DLL, either from a clean backup or from the original Windows installation disks.

1 2 Next >
Advertisement

Print feature brought to you by Adobe

Talkback 0 comments

Latest Videos

Sponsored content

Power Centre - Content from our premier sponsors

Blogs

  • David Braue Can not-so-smart meters help the NBN?
    It was interesting to witness Conroy's recent enthusiasm to spruik the NBN's role in supporting the Smart Grid, Smart City initiative. What a pity that Conroy hadn't yet seen the damning report from the Victorian auditor-general about that state's smart-meter roll-out.
  • Array Can the Telco Reform Act be win-win?
    In the second of our two programs looking at the Senate Inquiry into the Telecommunications Legislation Amendment Bill, we hear from shareholders, bureaucrats and industry groups.
  • Array Has New Zealand's smiling assassin delivered?
    One year into its tenure, how has the new New Zealand Government performed on issues of technology and telecommunications?
  • More blogs »

Tags

  1. 488 articles are tagged with 3g
  2. 449 articles are tagged with accc
  3. 57 articles are tagged with accenture
  4. 237 articles are tagged with acquisition
  5. 39 articles are tagged with afact
  6. 140 articles are tagged with ato
  7. 1303 articles are tagged with broadband
  8. 664 articles are tagged with cio
  9. 62 articles are tagged with commonwealth bank
  10. 251 articles are tagged with conroy
  11. 391 articles are tagged with copyright
  12. 45 articles are tagged with david thodey
  13. 514 articles are tagged with dell
  14. 9 articles are tagged with feed
  15. 1040 articles are tagged with google
  16. 1030 articles are tagged with government
  17. 789 articles are tagged with hp
  18. 1302 articles are tagged with ibm
  19. 220 articles are tagged with iinet
  20. 349 articles are tagged with iphone
  21. 116 articles are tagged with legislation
  22. 13 articles are tagged with longhaus
  23. 34 articles are tagged with michael malone
  24. 1475 articles are tagged with microsoft
  25. 32 articles are tagged with mike quigley
  26. 50 articles are tagged with minchin
  27. 1125 articles are tagged with mobile
  28. 356 articles are tagged with mobile phone
  29. 209 articles are tagged with national broadband network
  30. 385 articles are tagged with nbn
  31. 198 articles are tagged with new zealand
  32. 27 articles are tagged with nick minchin
  33. 880 articles are tagged with optus
  34. 716 articles are tagged with oracle
  35. 2650 articles are tagged with security
  36. 53 articles are tagged with senate
  37. 68 articles are tagged with separation
  38. 178 articles are tagged with stephen conroy
  39. 57 articles are tagged with strike
  40. 174 articles are tagged with sydney
  41. 60 articles are tagged with telecom nz
  42. 2430 articles are tagged with telstra
  43. 135 articles are tagged with tender
  44. 49 articles are tagged with twitter
  45. 110 articles are tagged with union
  46. 147 articles are tagged with university
  47. 174 articles are tagged with victoria
  48. 201 articles are tagged with video
  49. 2 articles are tagged with win7au
  50. 88 articles are tagged with windows 7

Back to top

Featured