Explore the latest news and trends  

Keep yourself up to date with one of the following options:

  • Explore more news around Spam/Phishing, Malware/Cyber-attacks and Antivirus
  • Receive news and special offers from SPAMfighter directly in you inbox.
  • Get free tips and tricks from our blog and improve your security when surfing the net.
Go

Mass Mailing Worm Caution About Worms

A new worm is spreading through the Internet by adopting an unethical approach of warning and cautioning of potential threat. Sounding like a security warning, the e-mail contains a legal word of caution that increases possibility of potential victims opening and even downloading the attachment. The mail uses kind words to entice the reader to open the attachment and when the recipient does so, the Warezov.at worm infects the system.

As per security analysts at MicroWorld Technologies, the 'Warezov.at' worm or 'Stration' mails en-masse a large number and variety of messages with a range of attachments. It uses its own SMTP account, gathers e-mail addresses from the infected machine and sends itself to all the contacts listed. If that is not enough, the worm logs on to malicious websites to download more malware on the compromised PC.

The subject line of the mail selects randomly: "Mail Delivery System", "Hello", "Status", "Server Report" and many others. The message body contains a sober security alert and advises users to download a patch for Worm protection.
According to Sulabh Mahant, security analyst at MicroWorld Technologies, the worm creator has attempted some mechanisms working on e-mails that appear like 'system generated' messages or that are delivered by the recipient's e-mail service support department.

There are other types of messages, like: "Mail Transaction has failed. Only partial message is available"; "the message contains Unicode characters and has sent as a binary file" and "the message has been sent on a binary attachment as it can't be represented in 7-bit ASCII encoding". ". Each of them tries to convince the user that it has come from the Mail Administrator. The attachment reads, as "Update-KB8706-x86.Zip" to make the user believe that it's a security patch.

Organizations are advised to plug their entry points to prevent the occurrence of a chain reaction in the internal mailing system that can bring a break to day-to-day operations. And they must install updates for worm removal.

 

Related article: Mac OS X Devoid of Malware, Vexing Experts

» SPAMfighter News - 11-10-2006

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Exchange Anti Spam Filter
Go back to previous page
Next