The Fizzer worm ended a relatively dry period for malicious code as it managed to spread across Europe, Asia and the Americas this week. While Fizzer is finally starting to flatten, new variants of the LovGate worm emerged on Tuesday to keep IT administrators and security officers on their toes.
Experts, however, said the new LovGate variants should not pose much of a threat to businesses.
The three variants -- LovGate-I, -J and -K -- are technically similar to past versions of the mass mailer. LovGate can spread via network file shares and by mailing copies of itself with its new SMTP engine. LovGate's trick is that it replies to new messages received in Microsoft Outlook and Outlook Express with a formatted message that has malicious code attached, said David Perry, global director of education for Trend Micro, a Tokyo-based antivirus software vendor.
"The differences between the new variants are infinitesimal -- a matter of different subject lines and body messages," Perry said.
Trend Micro has seen infections in South Korea but doesn't expect to see the variants spread in other countries too rapidly. Perhaps the only interesting thing about them is they were all released so close to each other, Perry said.
In other worm news, Fizzer is definitely on the decline. McAfee Security saw submissions of it drop 50% to 60% yesterday when compared with Monday. E-mail filtering outsourcer MessageLabs intercepted about 30,000 copies of it on Tuesday, compared with more than 33,000 on Monday. Symantec Security Response still has Fizzer ranked as a category 3 worm, its second highest rating. LovGate is listed as a category 2 worm.
FOR MORE INFORMATION:
FEEDBACK: Is Fizzer a threat or a nuisance to the enterprise?
Send your feedback to the SearchSecurity.com news team.