You are here: silicon.com > Resources > White Papers

White Papers

Goner Worm / W32/Goner@MM, Win32.Goner.A@mm, I-Worm.Goner / Win32.Gone.A@mm / Pentagone / W32/Goner-A / W32/Goner.ini (Finjan)

Overview Date: Wed, 05 Dec 2001 00:25:08

Name: Goner Worm

Aliases: Aliases: W32/Goner@MM,
Win32.Goner.A@mm, I-Worm.Goner,
Win32.Gone.A@mm, Pentagone,
W32/Goner-A, W32/Goner.ini

There is a new worm circulating worldwide in the wild called “Goner”, which is a screen saver that arrives as an e-mail attachment. This is the biggest outbreak since Love Letter worm. Screen saver (SCR) files are actually executable files, and they can do anything on your system once launched. (The last successful worm, BadTrans.B, arrived also as .SCR attachment).

The subject line of Goner worm is: "Hi." The content of the e-mail states: “How are you? When I saw this screen saver, I immediately thought about you. I am in a hurry, promise you will love it!".

The attached file is: gone.scr. Goner spreads using Microsoft Outlook, but also using ICQ instant messenger. It isn't the first ICQ worm, but it's quite successful. If IRC chat application is installed, the computer can be used in Denial of Service (DOS) attacks. Numerous companies have reported being hit by this worm, mainly in the US and the UK.

Goner worm disables some anti-virus and personal firewalls applications, but doesn't disable Finjan's security applications. The worm searches for certain security applications, and removes them. Finjan views this as a demonstration of the risk of Instant Messenger applications. It's not always possible to block such applications at the firewall level. Most of these applications can be launched also inside web pages as Java or ActiveX components. Corporations should be protected from the risk of Instant Messengers. Finjan's desktop applications monitor the behavior of active content received by Instant Messengers.

Goner copies itself to the SYSTEM folder folder.

Goner loads itself automatically - C:\%SYSTEM%\gone.scr is added to registry key:
HKEY_Local_Machine\Software\Microsoft\Windows\CurrentVersion\Run

Further White Paper Details
Publisher	Finjan Software, Inc.	File Format	HTML
Date Published	December 2001	Downloads	4
Format	White Papers
Topics	N/A

Did you find this white paper useful? 2 out of 4 users found this white paper useful

Connecting international businesses securely

Publisher:
Easynet

Harnessing technology for competitive advantage

Publisher:
Easynet

Stakeholders' management and collaboration

Publisher:
Easynet

The need for real-time communications in European logistics

Publisher:
Easynet

e-booking and e-ticketing

Publisher:
Easynet

Live Webcast: Telecoms 2.0 - Where is telecoms heading?

In this webcast, our panel of experts will review where we are with next generation telecoms in the UK, working through the concept of 'Telecoms 2.0': - Realising the potential of Next Generation Networks - why it isn't just about the technology? - What attributes should firms be looking for in their telco partner? - Is the relationship between telco provider and customer changing? - What things need to happen to make next generation services a reality? - You say you want the supplier to change. Do you want to change too? - What is Telecoms 2.0?

Publisher:
ZDNet UK

Telecom 2.0: Mind over matter

ntl:Telewest Business believes that the role of the telco is evolving. Gone are the days when it was enough to simply focus on circuits and minutes, customers now need a far higher degree of interaction and look for suppliers who will talk business solutions with them.

Publisher:
ntl:Telewest Business

IBM Information Server Change Data Capture

In today's fast-paced world, access to real-time data has never been more important. To be successful, organizations need to be able to report and analyze corporate data quickly and easily, regardless of what applications created the data, what platform they're running on, or what database they're stored in.

Publisher:
IBM

An examination of server consolidation: the trends that can drive efficiencies and help businesses gain a competitive edge

This white paper provides a starting point for organizations contemplating server consolidation. It includes an overview of server consolidation concepts and techniques and provides guidance on methodologies. It also looks at the potential cost savings associated with server consolidation and offers information on how organizations can sustain the advantage they have gained by consolidating their servers.

Publisher:
IBM

Also on silicon.com

Site Navigation:

White Papers

Goner Worm / W32/Goner@MM, Win32.Goner.A@mm, I-Worm.Goner / Win32.Gone.A@mm / Pentagone / W32/Goner-A / W32/Goner.ini (Finjan)

Quick Sitemap Links:

About Us

Search

Blogs

Verticals

Advertising Features

CNET Networks in Europe

CNET Networks in the United States

CNET Networks in Asia Pacific