‘Happy New Year’ Worms Inject Malicious Code
An e-mail worm pretending to be a New Year's greeting is viciously circulating on the Internet. The message carrying the worm has the subject "Happy New Year" and contains either an exe or zip file named postcard.exe or postcard.zip, report experts at iDefense Labs of VeriSign. The company researches on security vulnerabilities and exploits. If the recipient of the e-mail opens the attachment it downloads malicious software that can harm computers running Windows OS.
Every infected computer seeks open mail proxies and begins to send out spam mails to other computers. The worm is traversing swiftly over the Internet spreading five e-mails per second on one large network, says the Website of iDefense Labs.
When the worm enters the PC it converts it into a 'zombie' that comes under the control of a remote attacker who then delivers large amounts of spam. For the worm to move out at the rapid speed, iDefense has estimated that more than 160 e-mail servers are presently dispatching the maliciously intended greeting.
Like most worms succeed by user interaction, users' response also activates this 'New Year' worm. A click on the message can install two rootkits on the victim's PC. As the rootkits remain concealed in the system it becomes hard to detect the infection after the attack.
A rootkit is a security tool for the hacker to steal passwords and traffic messages to and from the PCs. They enable the hackers a backdoor entry into a system and gather information from other computers within a network.
According to Ken Dunham, director of VeriSign iDefense Intelligence Operations, this new threat is a cold threat, which installs multiple codes and then protects them with rootkit technology.
New Year holidays are the greatest risk period, when users are most tempted to click on a 'New Year's message, said Dunham. It is therefore important that people stay vigilant of e-mails with potential malware content during this vacation.
VeriSign has issued a security advisory cautioning people about spammers who try to take advantage of people's expectations of Christmas messages from relatives and friends.
Related article: “Loopholes did not cause online banking thefts”: ICBC
» SPAMfighter News - 04-01-2007