An internet worm that can enable hackers to take control of infected PCs is spreading around the world.
The worm, W32/[email protected], also known as Bagle, harvests addresses from local .wab, .txt, .htm, and .html files.
Antivirus company Sophos said it has received "many" reports of the worm, which sends itself to addresses taken from files on the hard disk.
"The worm spoofs the 'from' field in emails it sends, which means it may appear to have come from someone you know," the company said in a statement.
The worm includes a back door component that listens on TCP port 6777. This allows an attacker to upload and execute arbitrary programs on infected computers.
It attempts to notify the virus author of its readiness to accept commands by contacting various websites and trying to activate a script that identifies the compromised computer.
Users should delete any email containing the following:
From: (address may be forged)
Attachment: (random filename) 15,872 bytes
Sophos said the worm will not activate on PCs with a system date of 28 January 2004 or later.
Cotton seedling freezes to death as Chang'e-4 shuts down for the Moon's 14-day lunar night
Fortnite easily out-earns PUBG, Assassin's Creed Odyssey and Red Dead Redemption 2 in 2018
Meteor showers as a service will be visible for about 100 kilometres in all directions
Saturn's rings only formed in the past 100 million years, suggests analysis of Cassini space probe data
New findings contradict conventional belief that Saturn's rings were formed along with the planet about 4.5 billion years ago