Skip the navigation

Google accidentally sends out Kama Sutra worm

The least-loved item in 50,000 in-boxes today

By Robert McMillan
November 8, 2006 12:00 PM ET

IDG News Service - Google Inc. accidentally sent out e-mail containing a mass mailing worm to about 50,000 members of an e-mail discussion list focused on its Google Video Blog, the company said Tuesday.

"On Tuesday evening, three posts were made to the Google Video Blog-group that should not have been posted," Google said in a statement, posted late Tuesday night.

"Some of these posts may have contained a virus called W32/Kapser.A@mm -- a mass mailing worm. If you think you have downloaded this virus from the group or an e-mail message, we recommend you run your antivirus program to remove it," said the statement, which was attributed to the Google Video Team.

W32/Kasper.A@mm is better known as the Kama Sutra worm. Discovered in January of this year, it deletes files and registry keys on affected systems. It is blocked by most antivirus software.

Google uses its Video Blog group to let subscribers know when "interesting and fun" videos have been highlighted on the Google Video Blog. E-mail to the group's mailing list are posted by a handful of Google employees, called Google Video Team

This team was responsible for sending out the malicious e-mail Tuesday night, said Gabriel Stricker, a Google spokesman.

Stricker did not have any more details on how Google ended up distributing the worm code, but he said that internal protocols are now in place to prevent this from happening again.

Google has seen a growing number of technical glitches lately, something observers are attributing to the company's breakneck rate of growth over the past few years. One month ago, hackers found a way to publish a fake post on Google's official blog. The company also experienced service disruptions with its Blogger service recently that have left some users fuming.

Still, Google isn't the only company to accidentally distribute malware on a mailing list, according to Graham Cluley, a senior technology consultant with security vendor Sophos PLC. "Even mailing lists run by security firms have sometimes accidentally had malware posted to them, " he said in an e-mail interview. "But everyone can learn a lesson."

Reprinted with permission from IDG.net. Story copyright 2014 International Data Group. All rights reserved.
Our Commenting Policies