Anonymous
Unregistered
|
*** Virus Alert ***
A sneaky worm is making its way across the globe, hijacking mailboxes as it goes.
The Frethem worm, which reportedly started in Africa, has been spotted in the wild in Europe today. Antivirus firms were aware of the worm a number of days ago, so users with updated virus protection should be safe.
The worm attempts to use social engineering to catch its victims out, arriving as an email attachment.
A typical email will have the subject "your password" and body text along the lines of: "Attention. You can access very important information by this password. Do not save password to disk, use your mind. Now press cancel."
Presumably this is an attempt to trick users into to picking the 'open file' option rather than the 'save to disk' option when they double click the attached decrpyt-password.exe.
Once executed the worm forwards itself by email, using addresses found in the Outlook Express address book and any .dbx mail files.
It is also possible for the worm to infect users viewing the message through the Outlook Express preview panel.
Antivirus firm Central Command also warned that more World Cup viruses are expected to hit this month.
BWG, which spreads via email and IRC, has already been spotted in the last few days. The security firm warned users to be wary of opening World Cup related email attachments.
Visit <A HREF="http://securityresponse.symantec.com/avcenter/vinfodb.html#threat_list">http://securityresponse.symantec.com/avcenter/vinfodb.html#threat_list</A>
for an up to date listing of known virus threats.
|
|
14-06-2002, 08:59 AM |
|
Anonymous
Unregistered
|
Re: *** Virus Alert ***
Hiya Guys,
I think the Worm is called KELZ.H and is a nasty piece of work.
The main way it is being spread at the moment is through MS Outlook Express by going into your address book and forwarding it one to everyone in your address book.
I would suggest opening NO e-mails until you have proper anti virus protection as I have had the virus recently from a mail I recieved from someone who I corespond with on a regular basis.
I would suggest that the worm is pretty clever as it does not give the E-Mail a title that might raise suspicion.
There is a free download available at <A HREF="http://www.grisoft.com">www.grisoft.com</A> which will deal with it.
Good Luck.
Fitz.
|
|
14-06-2002, 09:39 AM |
|