Win32.Warezov.at spreading in the wild
vnunet.com, 26 Sep 2006
IT security experts have issued a 'severe risk' threat warning after detecting a virulent new worm spreading in the wild.
Kaspersky Lab warned that Win32.Warezov.at uses its own SMTP engine to send itself to email addresses harvested from the Windows address books on infected machines.
The subject line, message body and attachment name vary, but mail system messages like 'Mail Server Report', 'Mail Delivery System' and 'test' are typical.
The worm runs when the user clicks on the attached file, a portable executable of around 117KB, packed using UPack. The worm copies itself to disk and modifies the registry to ensure that it loads automatically on start up.
David Emm, senior technology consultant at Kaspersky Lab, said: "It has been some time since we've seen an email worm outbreak. But email worms still have all the ingredients necessary to spread successfully, not least through social engineering.
"Users should be wary of emails received from unknown sources, and make sure that their antivirus protection is up to date."
This week we cover the continuing controversy surrounding the Orange T-Mobile deal
Using managed services to protect mobile data users from the latest security threats
Counting the cost of data security: the benefits of secured mobile services
Shifting Disaster Recovery targets with SharePoint and SQL server configurations
Using a hostbased recovery system for mission-critical systems
Keep up to date with the latest products, services and technologies from the world's leading IT companies; IThound.com brings you over 6,000 white papers, case studies and analyst reports.
Replacement warning functioning normally, claims software giant
Annual initiative warns of phishing, ID theft and social network...
Do you agree?
Have your say on this article