Security Management Strategies for the CIOThe first of what researchers predict could be a spate of new viruses related to the second anniversary of the September 11 terrorist attacks has been spotted.
W32.Neroma@mm, as named by Symantec, spreads through Microsoft Outlook. The message subject line is "It's Near 911." Double clicking the attachment activates the virus, which then attempts to send itself to every listing in the user's Outlook address book.
Eric Kwon, CEO of AV firm Global Hauri, which discovered the virus on Sept. 2, recommends that enterprises block incoming e-mail messages with that subject line. As of Friday, Symantec reported fewer than 50 Neroma infections.
Kwon notes that just days after Sept. 11, the Nimda worm hit the world's computers, causing millions of dollars in damage. The recent onslaught of Blaster and Sobig.F infections demonstrate that networks are every bit as vulnerable now as they were two years ago.
Meanwhile, virus watchers in the U.K. have spotted a virus that criticizes the decisions of British prime minister Tony Blair and attempts to use infected computers to launch a distributed denial-of-service attack against his Web site.
Vendor Sophos says "Quarters" can spread through e-mail, where it is disguised as a message about "account information" and through Internet chat. Also called "Blurt" by Network Associates, the virus disables antivirus, personal firewalls, the registry editor and the task manager.
Graham
Requires Free Membership to View
Cluley, Sophos's senior technology consultant, says the worm overwrites files on the
user's computer with the text "Infected by the WIN32.SORT-IT-OUT-BLAIR Virus!" and can display an
anti-Blair message.
Up-to-date antivirus software will prevent infection. Sophos recommends filtering executable files at the e-mail gateway.
FOR MORE INFORMATION:
SearchSecurity.com news exclusive: "Admins doubt arrests deter future worm writers"
SearchSecurity.com news exclusive: "What's in a name? Multiple monikers for worms abound"
FEEDBACK: Is your enterprise extra vigilant against malicious code in the days leading up
to a milestone date like September 11?
Send your feedback to the SearchSecurity.com news
team.
Join the conversationComment
Share
Comments
Results
Contribute to the conversation