Experts warned yesterday that the recently discovered Lovgate virus contains backdoor Trojan code that could allow hackers to remotely access compromised systems.
W32/[email protected] was first discovered on 23 February and has spread around the world, with the UK, Europe and Asia Pacific suffering the most widespread infection.
The worm propagates via email by replying to entries in the user's Outlook email client. Antivirus firm Network Associates has given it a 'medium' risk rating.
The company said that users will not immediately notice the infection because of the way Lovgate spreads using network shares.
It will copy itself to folders and subfolders using the following filenames:
Lovgate also packs a 77,824-byte Trojan file - called ILY.DLL, 1.DLL, REG.DLL or TASK.DLL - which opens a backdoor to port 10168.
Once the Trojan is installed it sends an email notification to the hackers who first propagated the virus informing them that the computer has been compromised.
Details and a clean up procedure for Lovgate can be found online at the Network Associates website here.
Worried about data privacy? Here are several ways to secure your Facebook account
The ICO is seeking an urgent warrant to investigate a major data breach - everything you need to know as the story continues to unfold
Microsoft comes up with a new way to foist its unloved and little used Edge web browser on people