News Stay informed about the latest enterprise technology news and product updates.

Nasty Gigger worm a slow mover

Nasty Gigger worm a slow mover

Antivirus software vendors have fixes in place for Gigger, a potentially nasty but not very widespread JavaScript-based worm that tries to reformat hard drives.

Click here for Gigger cleanup information

searchSecurity Virus Discussion Forum

searchSecurity site expert on viruses

JS.Gigger.A@mm arrives as an e-mail message with a subject line reading: "Outlook Express Update" and an attachment of Mmsn_offline.htm, according to an alert on Symantec's Web site. When executed, Gigger sets the Autoexec.bat file to reformat the hard drive when the computer is restarted.

The worm can spread through Outlook and Outlook Express and MAPI, according to Trend Micro. It requires WSCRIPT.EXE and/or CSCRIPT.EXE be on the infected machine in order to work properly.

If an infected machine isn't restarted, then removing the virus is a matter of fixing the changes to the registry and fixing the Autoexec.bat file, said Graham Cluley, senior technology consultant with Sophos. But if the machine was restarted, then Windows will need to be installed again and the files need to be recreated from backups.

Such a worm sounds pretty nasty but in fact such aggressive behavior is analogous to jumping up and down yelling "look at me," Cluley said. The more insidious viruses are those that make minor changes and continue over time undetected.

Gigger was quickly found and antivirus companies made appropriate updates to their software. Sophos received only one report of Gigger in the wild. "It's not a significant threat," Cluley said. "Gigger does have an unpleasant payload but it could be much worse."

Dig Deeper on Emerging cyberattacks and threats

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.