resource center
  See your link here
|
IDG News Service -
A new version of the NetSky e-mail worm has begun circulating on the Internet, antivirus software companies reported today.
Like its predecessor, NetsSky.B, which struck last week, the worm, known as NetSky.C, arrives via e-mail messages with familiar subject lines like "Question," "Fwd: lol" and "Re: hey." Users launch the worm by clicking on attachments accompanying the messages.
"They're keeping subject messages really simple, which entices users to click on the attachment," said Steven Sundermeier, the vice president of products and services at Central Command Inc., a security software vendor in Medina, Ohio. "You could see how that kind of piques users' curiosity."
Once launched, the worm installs its own mail server on the user's computer and begins sending infected e-mail using addresses it collects from the infected computer.
The worm also appears to target users of file-sharing services, said Sundermeier. "If it finds any subdirectory that has the word shar in its name, it will drop a long list of enticing file names in it, which are copies of itself," Sundermeier said. "That now makes it available through file-sharing applications like Kazaa or instant messaging applications."
These infected files have a variety of names, including "Adobe Photoshop 9 full.exe," Microsoft Office 2003 Crack.exe" and "Dark Angels.pif," Sundermeier said.
NetSky.C first appeared late last night, said Patrick Hinojosa, chief technology officer at Panda Software Inc. in Glendale, Calif. By this morning, 3% of the users of Panda's online virus-checking service were infected, he said. "Three percent within one day is a pretty good clip, so this one looks like it's spreading a little bit faster than NetSky.B," he said.
The NetSky.C worm is very similar to its NetSky.B predecessor, but Version B uses different subject lines and searches for subdirectories with the word sharing instead of shar, Sundermeier said.
Another difference is that Version C causes the user's computer to play a sound when the infected file is launched. "It's kind of a computerish-type sound," said Hinojosa. "That's a sure sign when you get it."
NetSky.B also displays a Windows error message saying, "The file could not be opened," when it infects a computer, he said.
IDG.net
Share our Strength
Download Now
Key Strategies for Managing Data Growth
What are you storage challenges?
Can Heuristic Technology Help Your Company Fight Viruses?
What is Heuristic Technology and how can it help safeguard your business against viruses? Learn more.
Extending Client Refresh - 11 Steps to Maximize Savings
Register Now!
Eradicate Spam & Gain 100% Asurance of Clean Mailboxes
Get this paper now!
Lower the Cost and Complexity of a Mobile Workforce through Automation
Download This Resource Now!
Mastering eDiscovery: The IT Manager's Guide to Preservation, Protection & Production
Get this paper now!
Managing Mobility: Improve Data Security, Compliance and Manageability
Download This Resource Now!
Not Just Words: Enforce Your Email and Web Acceptable Usage Policies
Get this paper now!
Consolidate Your Servers and Storage to Lower Costs with Oracle Database 11g
Register for this webcast!
Sign up to receive updates on the latest Security resources
CIO
Computerworld
CSO
DEMO
GamePro
Games.net
IDC
IDG
IDG Connect
IDG Knowledge Hub
IDG TechNetwork
IDG Ventures
IDG.net
InfoWorld
ITwhitepapers
ITworld
JavaWorld
LinuxWorld
Macworld
Network World
PC World
The Industry Standard
Copyright © 1994 - 2009 Computerworld Inc. All
rights reserved. Reproduction in whole or in part in any form or medium
without express written permission ofComputerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc. |
