Thursday, September 9, 2010

Here you have' e-mail worm hits corporate world!!

A new virus based in e-mails with the subject line "Here You have" began running rampant Thursday, hitting corporate America hard.

So far, the virus has already been sighted at ABC/Disney, Google, Coca Cola and NASA, several individuals with knowledge of the situation told. Comcast was forced to shut down its e-mail servers entirely after being hit, a spokesperson said on Twitter.

E-mails that carry the virus contain a link that encourages readers to click on a PDF document file. But rather than a PDF, the file  contains a Windows script that transmits a virus and spams the entire contact list of the person who opened the file.

The worm is similar to the ILoveYou and Anna Kournikova worms, which spread in 2000 and 2001, and is a type of malware that has not been a major problem since around 2002, according to David Cowings, a senior manager with Symantec Security Response. "It looks like we've had a resurgence of mass-mailing worms," he said.

This latest worm seems to do nothing more than send itself out, using the victim's contact list. Cowings said "It appears to be mailing itself to all of the mailing lists that are in someone's contacts. It may also go to individuals," he said. The worm appeared to be affecting Outlook e-mail users, but it's not clear if it is also affecting users of other mail programs.

The body of the e-mail typically says something like, "Hello... this is the document I told you about, you can find it here." Because the worm is spreading via contact lists, the e-mail often comes from someone the victim knows.

A note posted on the McAfee site Thursday afternoon said: "It looks like multiple variants may be spreading and may take some time to work through them all to paint a clearer picture."

No comments:

Post a Comment

Search The Fire Seal

Random Post: I'm feeling lucky!!!