[ISN] Valentine virus warning

From: InfoSec News (alerts@private)
Date: Mon Feb 12 2007 - 23:19:06 PST


February 11, 2007

Security experts are warning PC users to be on guard against viruses 
masquerading as Valentine's Day messages, which could damage computers.

"Computer users should keep a wary eye on any romantic messages received 
by e-mail, as many of them could contain malicious code," said US 
security firm PandaLabs after detecting an increase in a worm it dubbed 

The worm hides in emails with subjects like: "Together You and I," "Til 
the End of Time Heart of Mine."

People who open an attached file such as postcard.exe can end up 
infecting their computers.

Security firm Symantec said it had detected "large-scale spamming" of 
e-mails including a Trojan horse, a program that contains or installs a 
malicious program.

Symantec said the malware was a new version of Trojan, Peacomm or the 
"Storm Trojan."

"With Valentine's Day approaching, this time around the authors are 
attempting to tug on the heartstrings of unsuspecting users with 
romantic subject lines such as 'My Heart belongs to you,' said 
Symantec's Orla Cox.

"The Trojan is much the same as we've seen before, the only difference 
being that the authors have used a modified packer in an (unsuccessful) 
effort to evade detection by antivirus vendors."

"As a general rule, don't open any suspicious e-mail, regardless of what 
is says it contains," said Luis Corrons, technical director of 

"Instead of going on instincts, let a security solution decide whether 
it's safe to open it or not," he said, urging users to scan any 
suspicious messages with an antivirus program.

Corrons said events like Valentine's Day and Christmas are often 
exploited by cyber-criminals to try and spread their creations by 
disguising infected emails as e-greeting cards.

This use of "social engineering" was used in the LoveLetter virus, which 
caused one of the biggest epidemics in computer history.

Copyright 2007. The Sydney Morning Herald.

Subscribe to the InfoSec News RSS Feed

This archive was generated by hypermail 2.1.3 : Mon Feb 12 2007 - 23:23:11 PST