Subscribe
About

Beware the Christmas worm

By Damian Clarkson, ITWeb junior journalist
Johannesburg, 15 Dec 2004

Anti-virus experts are warning of a new worm that comes attached to an e-mail passing itself off as a Christmas card.

The e-mail carries a variant of the Zafi worm, which has been prevalent this year, and is titled "Merry Christmas!" in a variety of languages, says Information Security Architects executive director Ryan Price. "The Christmas greeting could be written in English, Italian, Spanish, Russian, Swedish and several other languages."

The infected attachment has an extension of .pif, .cmd, .bat, or .com file. When run, the virus displays a decoy error message saying "Error in packed file!" After this the virus spreads further and installs a backdoor that will allow the virus writer to take over the infected computer, adds Price.

Netxactics CEO Brett Myroff says users should not let down their guard simply because it is the festive season. "Heartless hackers and virus writers can attack at any time of year, and every computer user should be on the lookout for unusual e-mails and be wary of ever opening any unsolicited file they are sent via e-mail," he says.

"Having a business environment where it`s seen to be acceptable to send and receive joke programs, screensavers and electronic greetings cards increases the risk of virus infection at any time, but can prove particularly risky during the holiday season. When your computer data is at risk it may be wiser to avoid electronic well-wishing, and use paper and ink instead."

Reports of the worm are increasing, and Symantec has upgraded this worm to a level three threat. Symantec says it has received more than 81 corporate and 49 consumer submissions of this threat worldwide.

Share