New Computer Virus - For Your Information
Linda Sternhill Davis
 |
 |
| ||||
Add to My
Yahoo!Friday May 19
10:21 PM ET
A New Virus Appears, Some Question the Fear
By Ilaina Jonas NEW YORK (Reuters) - A slow-spreading new computer virus, harder to detect than the ``love bug,'' wormed its way through the some of world's computer networks and prompted U.S. law enforcement officials to open an investigation and warn computer users to steer clear of suspicious e-mails. U.S. Attorney General Janet Reno on Friday issued a warning about the new computer scourge, and the FBI-led National Infrastructure Protection Center said the agency has opened a criminal investigation. The department said it had reports that about 1,000 machines had been infected. The FBI has opened an investigation into ``a new, more destructive variant of the love letter worm,'' she told a regular weekly news briefing. ``If you receive an e-mail with a .Vbs file extension, do not open it, even if it comes from a trusted source. Delete the e-mail from your system,'' Reno said. Some said the fears were overblown, however, noting that the worm had not traveled as far as anticipated and had not infiltrated any ISPs (Internet service providers).
The new virus, technically known as a ``worm,'' was first spotted Thursday and goes by a litany of names, including VBSNewLove, NewLove.VBS and VBS/SPAMMER.A. Computer experts said it is not just a variant of the I Love You virus that struck earlier this month, as was originally believed. ``It's not a new strain. It's a whole new worm,'' said Narender Mangalam, director of security for software firm Computer Associates Inc. ``It's not derived and not a modified code. This one is a completely new code.'' Unlike the ``love bug'' that struck computer networks on May 4 and its copycats, the new worm can change its subject line and the program code each time it is retransmitted, making it more difficult for new users and anti-virus programs to detect. Unlike some viruses, a worm does not change any coding in the host computer. It rides on top of e-mail as an attachment and targets users of Microsoft's Corp.'s (NasdaqNM:MSFT - news) Outlook program, sending itself to all entries in the office address book. Although its name constantly changes it will arrive with the Subject line beginning with ``FW'' and be followed by a file name and the extension a ``name'' plus the final .Vbs extension, shorthand for visual basic script. Once it is opened, the worm could wipe out all of a computer's files in 20 seconds, said Simon Perry, vice president of security solutions for Computer Associates International Inc. (NYSE:CA - news) The attachment also doubles in size each time it is sent, which may be one reason for its slow-spreading pace, said Carey Nachenberg, chief researcher at Symantec Corp. (NasdaqNM:SYMC - news) The vicious nature of the worm might also lead to its early demise. It is so destructive it may wipe out the a computer before it can be sent, Nachenberg said. ``If you compare it to a human virus, it's like Ebola versus AIDS,'' he said, referring to the length of time the bug would pose a threat. Eric Chien, Symantec's chief research manager said the new bug was ``more nasty'' than the Love Bug because ``it is highly polymorphic...it changes the way it looks every time''. He rated its current spread as ``medium'' but gave it a ''high'' rating for its potential to replicate further. Experts said that heightened awareness of viruses and worms has led users to be more suspicious of the electronic mail they receive. Corporate network and technology managers also have taken precautions. Thomas Sobczak, director of information systems at the public relations firm Middleberg + Associates, said his company has disabled the transmission of VBS files. Mikko Hypponen of F-Secure.com, a computer virus expert based in Finland, said his security company has ``not received a single direct report from our customers anywhere in the world on this.'' ``This thing is definitely not widespread,'' he said in an e-mail to Reuters. ``It's still real,'' he added, ``and it has been spotted in real companies.'' Hypponen said his firm had ''around 10 second-hand reports'' of infected companies in the United States, central Europe and Israel. ``It doesn't have the kick of the ISP,'' Computer Associate's Mangalam said. ``In I LOVE YOU they hacked into the ISP in the Philippines.'' That ISP sent the virus out to thousands in one initial spurt. CERT Coordination Center, a government-funded emergency team based at Carnegie Mellon University, had not received a single report of an incident, said Mark Zajicek, CERT daily operations team leader. When the Love Bug hit, the center received hundreds of reports within two hours, he said. Considering there are at least 30 variants of the original Love Bug still out in cyberspace, the attention to the latest worm is unwarranted, said David Chess, research staff member International Business Machines Corp. (NYSE:IBM - news) Watson Research Center. ``This doesn't really deserve the publicity it is getting,'' he said. ``It doesn't seem like a significant thing. From a technical sense, it's not remarkable.'' Best Advice: Beware Vbs Computer users were advised to filter for e-mails with the word ``FW'' along with an attachment with a .VBS extension. Then, any e-mail attachments with a VBS extension should be treated with caution, Stevens at the Consumers Association said. ``The normal rules apply. Make sure all files are backed up and be cautious with the unusual.'' Experts also said to update anti-virus software. The original Love Bug virus crippled computers worldwide, including some at the U.S. Pentagon, and is estimated to have cost $7 billion in damage. A Philippine computer school dropout is under investigation for spreading the cyber-worm. Governments In Action The new virus, coming on the heels of the Love Bug, may finally prompt concerted government action to fight a crime that ignores national borders and which is covered by few international treaties. Germany's interior minister, Otto Schily, said: ``The new virus attack shows that such threats are not technical games but rather criminal actions which must be met with early countermeasures.'' Attempts to establish some sort of global effort to tackle cybercrime have tended to quickly become mired amid the niceties of international law and regional jealousies, but something has been happening. The Council of Europe is drafting an international convention to fight hackers, virus writers and frauds who steal credit card numbers or defraud online consumers, although it will not be ready for signing before September Earlier Stories
|
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Republication or redistribution of Reuters content is expressly prohibited without the prior written consent of Reuters.
Reuters shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.