Yet another new variant in the Mimail family, W32/Mimail.J appeared on 17 November. It arrives in a message purporting to be from the PayPal online payment service, and attempts to fool the victim into revealing credit card details and other personal information.
On 25 November, a Trojan, called W32/Sysbug, was sent to large numbers of email addresses. The messages suggested the Trojan's executable contained sexy, personal pictures from someone called James to someone called Mary. If a recipient is fooled into launching the file, the Trojan installs itself, sends information about the victims computer to a website, and opens a backdoor on TCP port 5555.