Forwarded from: Elyn Wollensky <elynat_private> http://news.bbc.co.uk/2/hi/technology/2523387.stm Friday, 29 November, 2002 Security experts are warning computer users to be on the look-out for an insulting worm that can seriously harm a PC. Known as Winevar, the worm is spreading via e-mail as an attachment that infects computers running Windows. Winevar has a particularly rude insult, displaying the message: "Make a fool of oneself: What a foolish thing you've done!" If users press the ok button, they could lose all the files on their computer. Security links After infecting a system, the worm disabled security software and anti-virus programs, launching the W32FunLove.4099 virus. The worm arrives with the subject line of "Re: AVAR (Association of Anti-Virus Asia Researchers). Anti-virus firm Sophos suspects the author has links to the recent AVAR conference held in Korea. "Ironically the Winevar worm author seems to have got his inspiration from a conference intended to reduce the impact of computer viruses," said Graham Cluley, Senior Technology Consultant for Sophos. CEO danger As part of its payload, Winevar attempts to launch a denial-of-service attack on the website of US security firm Symantec. Another side effect of the virus is its ability to change a computer's settings to create an imaginary file extension ".ceo". Any future viruses sent with this file extension will be automatically run on the computer. "It is quite amusing that in the post-Enron world we find that CEOs can be dangerous to your PC," said Mr Cluley. Anti-virus firms have posted information about the worm and users are advised to check out their websites to find out how to protect themselves and clean up their PCs. - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Mon Dec 02 2002 - 03:28:01 PST