Forwarded From: Raj Mathur <rajuat_private> PrettyPark hits Windows users hard Victims of e-mail virus increase 2,000 percent over the weekend, Symantec reports. By Shauna Sampson, ZDTV June 7, 1999 4:25 PM PT PrettyPark, a French e-mail virus, got a tremendous boost from home PC users this weekend. Anti-virus software maker Symantec said it has observed an increase of 2,000 percent in apparent victims since Friday. These victims of the virus, which is being described as a worm with Trojan capabilities, are likely Microsoft Windows users who are being sent to a custom Internet relay chat channel without their knowledge. Once there, victims' personal data -- ranging from e-mail address book lists, operating system preferences and registration numbers, passwords, and form data (including stored credit card information) -- can be potentially retrieved from the victim's PC without their knowledge by the virus writer. PrettyPark is the first known worm with Trojan capabilities and its very own custom IRC channel. "This virus took months to write, and it's creator put a great deal of effort into it," says Steve Trilling of Symantec (Nasdaq:SYMC). "But it only took us 15 minutes to come up with the cure." However, consumers are being hit harder by the virus because they are less likely to update their anti-virus software than large companies or businesses and are more likely to open and run executables sent by what appears to be family or friends. Spread via e-mail The virus is spread when PC users open an attached e-mail program file named "PrettyPark.EXE". When executed, it may display the Windows 3D pipe screen saver while it creates and sends duplicate files of itself to e-mail addresses listed in the user's Internet address book. PrettyPark will run this routine every 30 seconds, without the user's knowledge. It will also connect to the custom IRC channel while the PC owner is on the Internet or reading e-mail while connected to a remote server. PrettyPark: Part worm, part Trojan So far only Windows-based systems seem to be vulnerable, the virus is definitely spreading and anti-virus software manufacturers are expecting to see more victims in the IRC chat rooms. Protecting yourself In order to protect themselves from PrettyPark and other viruses, PC users should update their anti-virus software and avoid opening e-mail attachments. Researchers are trying to determine if other e-mail programs, such as Eudora and Lotus Notes, are vulnerable, presently the Mac and Linux Operating Systems do not seem to be effected. Use of ZDNet is subject to certain Terms & Conditions.Please read ZDNet's Privacy Statement (reviewed by TRUSTe). Copyright (c) 1999 ZDNet. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of ZDNet is prohibited. ZDNet and the ZDNet logo are trademarks of Ziff-Davis Inc. -o- Subscribe: mail majordomoat_private with "subscribe isn". Today's ISN Sponsor: OSAll [www.aviary-mag.com]
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:24:30 PDT