http://news.cnet.com/news/0-1003-200-6135045.html?tag=mn_hd By Greg Sandoval Staff Writer, CNET News.com May 31, 2001, 2:20 p.m. PT By promising to display pictures of actress Jennifer Lopez naked, the destructive Chernobyl virus is again spreading across the Internet via e-mail. Antivirus-software maker Panda Software issued an alert Thursday after receiving about eight reports of the virus, including one from a major aviation company. The aviation company discovered the problem before the virus could do any significant damage. Panda has given the virus its highest rating of potential risk, distribution and destruction. One of Panda's competitors, Symantec, considers the virus less of a threat, saying it received only six reports of the virus Wednesday, indicating that the virus was spreading too slowly to cause any real damage. But the Jennifer Lopez files pose a serious threat regardless, said Steve Demogines, director of tech support at Panda. Hiding behind the fictitious photos of Lopez is the lethal Chernobyl virus, which can erase content on files and disable computers. The other factor that makes the Lopez file dangerous, Demogines said, is that it uses a "social engineering" technique that could prove effective. The term social engineering refers to the practice of coming up with intriguing e-mail subject lines to fool the unsuspecting into opening virus-infected files. The Lopez file's suject line reads "Where are you" and the attachment is titled JenniferLopez_Naked.JPG.VBS. "Virus writers are still successfully using the social engineering technique to trick the unwary user," Panda said in a statement Thursday. The Jennifer Lopez file is the latest in a string of mass-mailing worm viruses--copycat versions of the AnnaKournikova virus, which spread across the globe in February by encouraging victims to click on a supposed picture of Russian tennis star Anna Kournikova. The Anna virus had the ability to mail itself to a large number of Internet users but did not damage computer systems. Its main threat was that it might clog servers. The virus inside the Lopez file packs a more destructive payload. When the W95/CIH virus is unleashed, it goes on a search-and-destroy mission, Panda said in the statement. The virus seeks out and overwrites code on specific files on the hard disk, stripping them of their content. The virus also infects the Windows installation folder and can disable a computer by overwriting the motherboard, rendering it useless and preventing a user from booting up, Demogines said. ISN is hosted by SecurityFocus.com --- To unsubscribe email isn-unsubscribeat_private
This archive was generated by hypermail 2b30 : Fri Jun 01 2001 - 02:56:07 PDT