European firms hit by potent new virus

Four European companies have lost data in an attack from a new HTML virus, it emerged on Friday evening.

Linda Leung in Silicon Valley

Four European companies have lost data in an attack from a new HTML virus, it emerged on Friday evening.

According to an alert from Spanish antivirus developer Panda Software, the worm, called Little Davinia, spreads via the internet and potentially wipes out all files on hard disks and network drives.

Advertisement

However, other antivirus companies said they have seen no samples of the virus and none of their customers had been affected.

Panda said the virus began spreading from a "very large ISP" in Spain, which it refused to name. It also declined to name the four companies attacked. Panda initially alerted the ISP to the virus and has worked to remove it from the provider's systems.

Patrick Hinojosa, general manager at Panda, said the virus is potentially more dangerous than the Loveletter bug which caused worldwide havoc last year, because this time users only have to open emails to be infected rather than having to open attachments. The HTML virus code is spread via email messages with no text in the subject box.

The virus affects Microsoft Word 2000 users and is an HTML, VBS email and macro worm programmed in Spain by a virus writer using the signature Onel 2, according to Panda. The author of the Loveletter virus used the name Onel de Guzman.

Little Davinia is triggered when a user involuntarily downloads a document from the internet which opens automatically. This file, which is saved as littledavinia.vbs in the Windows System directory, sends an email message to all entries in a user's address book.

In the text body, the virus inserts the HTML code and connects the user to the web page that acts as a focal point for the spreading of the worm.

Once the Windows registry has been modified in the victim's computer, the virus searches all accessible hard disks, network drives and directories for any files and overwrites them with an HTML code that continuously displays an error window.

On Friday evening US time, a spokesman for fellow antivirus company Symantec confirmed that the worm is currently a "zoo virus", which means it is not yet out in the wild, while a spokesman for McAfee said none of its European customers have been infected.

This morning, UK-based antivirus company Sophos said it had not received any samples of the virus despite repeatedly emailing Panda Software.

Graham Cluley, Sophos senior technology consultant, said Panda is a member of the REVs(Rapid Exchange for Virus Samples) group, which shares samples of new viruses in order to speed up the process of identification and protection. But despite calls for further information, Panda had so far not co-operated.

"They have broken all the rules of Revs and gone ahead and issued a press release about a virus without sharing samples with other antivirus companies," he said.

"Panda seems to have disappeared from the face of the earth," he added. "My message to them is to work with the industry. Most antivirus companies, even arch enemies, work together to protect their customers."

  • Have your say
  • Send to a friend
  • Print
  • Digg
  • Reddit
  • Share

Tags:

Do you agree?

Further reading

Panda punished over virus warning fiasco

Antivirus company Panda Software has been suspended from an industry group for withholding information about a new virus it claimed was 'more deadly than the Love Bug'.

Anger at 'overblown' virus warning

Antivirus experts have accused rival vendor Panda Software of 'scaremongering' after it warned of the spread of a virus more deadly than the Love Bug.

Websites warned over first hypertext virus

A potential threat to ecommerce sites has been identified with the discovery of the first virus using the hypertext preprocessor (PHP) scripting language.

Security 2000 - the year in review

The year 2000 highlighted the need for business to better co-ordinate internet security - as global losses due to network downtime looked likely to top the trillion dollar mark, according to research.

Related whitepapers

Related jobs

Most watched

Summit: Views From the Valley

V3.co.uk's US office weighs in on the information overload crisis

John Chambers speaks on collaboration

Cisco boss talks up new offerings

Analysis and Reports

Remote access - Three steps to getting connected

3.4 million UK professionals now work from home – is your company equipped?

Cost benefits of a global collaboration network

This white paper is a must read for organisations looking for evidence of the bottom-line benefits of high-definition video and voice communications

Poll

Impact of Information Overload poll

Impact of Information Overload poll

What is the biggest problem your firm faces as a result of the data explosion?

View poll results

Advertisement

White paper library

Keep up to date with the latest products, services and technologies from the world's leading IT companies; IThound.com brings you over 6,000 white papers, case studies and analyst reports.

Advertisement

Newsletter signup

Sign up for our range of FREE newsletters:

Existing User

Newsletter user login:

Enter email address to edit your newsletter preferences

Job of the week

Search thousands of IT jobs :

Search thousands of IT jobs:

Advanced search

Hiring now on ComputingCareers:

Related IT jobs

Search thousands of IT jobs :

Search thousands of IT jobs:

Advanced search

Advertisement

Spotlight

Information management

Summit: Quiz IBM experts on information strategies

Join our live chat session on Thursday at 11am to...

RIM discusses new developer tools

Blackberry exec on the latest offerings for programmers

Houses of parliament

Summit: Doubts raised over Tory plans for NHS records

Experts say data quality could be an issue

Researchers take down spam botnet

Researchers from security firm FireEye have been able to effectively...

Primary Navigation