E-Mail Virus Using Romantic Themes Infects Computers
PandaLabs has detected a worm dubbed as Nurech.A. The worm has been spreading rapidly through mass mail messages and has infected a large number of computers over the last few hours. The company's free online solution has recorded it as one of the top ten viruses.
The e-mails carrying the worm has blank message body with variable subject lines such as "Till the End of Time Heart of Mine", "Evening Romance Doing it for You", "Tender Whispers With This Ring", "If I Knew Touched by Love Most Beautiful Girl Wrapped Up" etc. The sender shows various names of a woman. The file attachment containing the worm is differently named as 'greeting card.exe', 'postcard.exe', 'flash postcard.exe', and 'greeting postcard.exe' etc.
PandaLabs posted on its blog on February 5, 2007 that in the past weekend a new worm created a lot of activity. The worm is called Nurech.A, which got 60% of the messages coming to PandaLabs in the last 48 hours. Sometimes it came through massive volumes of spam mails.
The firm's detection tools were able to catch and block Nurech.A at the e-mail gateway itself. It therefore protected all users who got the worm on their machines.
The aim of such e-mails is to dupe users into opening the file attachment by using an alluring subject, said Luis Corrons, Technical Director of PandaLabs in a company press release. In this case, the subject relates to romantic relationships, probably due to the approaching Valentine's Day. According to Corrons, such tricks are usually very successful so the company advises users to avoid attachments they did not request, whatever be their content.
The Nurech.A installs on a computer when the user runs the affected file. The worm disables the security tools and searches addresses to spread to other computers. This worm has rootkit features and is therefore dangerous because it hides functional processes and makes it hard to detect them.
All indications converge to the single purpose that the authors of this worm want to spam mails to the maximum number of computers before the media alerts people and users start to take precautions.
Related article: E-Crime Reporting Format To Be Launched in July
» SPAMfighter News - 12-02-2007
We are happy to see you are reading our IT Security News.