Virus Writers Mark Sept 11 with New Batch of Bugs

Thu September 11, 2003 10:36 AM ET
By Bernhard Warner, European Internet Correspondent

LONDON (Reuters) - Internet virus writers marked the two-year anniversary of the September 11 attacks in their own inimitable style, releasing Internet contagions that prey on people's sentimentality and fears.

Two Internet infections have surfaced in the past week -- "Neroma" and "Vote.K" -- that carry September 11 references, computer experts said.

The programs are not considered to be high-risk threats, but security officials were warning computer users on Thursday to avoid opening suspicious 9/11 themed e-mails. Virus writers often label their malicious works with topical messages hoping people will open them up and trigger a mass infection.

"Neroma" carries the subject line "It's Near 911!." It contains a file attachment labeled "911.jpg" with the description "Nice butt baby!."

It is programmed to delete computer files on infected PCs and scan its Microsoft Outlook Express e-mail address book in search of more e-mail victims to sniff out.

"Vote.K," a new variation of a virus that first appeared shortly after the September 11 attacks, arrives in e-mail inboxes with the message "THE WAR HAS STARTED!," according to Finnish security firm F-Secure Corp.

It too threatens to delete files and carries a message "WORLD TRADE CENTER/WE WILL ALWAYS REMEMBER THOSE LOST SOULS."

Meanwhile, British security firm Sophos Anti-Virus said a two-year-old e-mail that warns about a fictitious file-deleting virus called "WTC Survivor" is once again one of the most popular e-mail hoaxes in circulation.

"It's stormed to the top of our hoax list in the past few days," said Graham Cluley, senior technology consultant at Sophos Plc., adding users should ignore it.

NEW WINDOWS HOLE

The biggest concern among security officials is news that a new security hole has been found in Microsoft Corp's Windows operating system.

Last month, a wave of viruses and worms, including Blaster and Sobig.F, preyed on a Microsoft software vulnerability that ultimately inflicted billions of dollars in damage to corporate and home-based computer users.

"We believe the underground community is looking at ways of exploiting this, so we could see a son of Blaster scenario, but so far there's nothing connected to September 11 with this recent vulnerability," Cluley said.

Microsoft issued a patch at http://www.microsoft.com/security.

Weary security officials spotlighted one bit of good news. There was a noticeable decline in virus-infected e-mails as the super-potent Sobig.F virus expired on Wednesday and stopped spreading.

Elsewhere, the Internet on Thursday was looking a lot like business as usual, at least in more commercial corners.

On the one year anniversary a year ago, scores of Web sites from Amazon.com to Lycos.com shaded their pages in solemn colors while others set up shrines for the victims of the attacks in the United States.

15/09/2003

Bron : Reuters

Archief - Home