Anti-virus vendors are upgrading their severity ratings for a new variant of the Netsky worm, which spreads in e-mail and can auto-run itself. The outbreak is the latest in a "flurry" of virus activity this week.
The new worm, Netsky.Q, is the 17th variant of the troublesome worm to be released since February. Netsky.Q was first spotted yesterday. It arrives in e-mail messages disguised to look like "returned e-mail" error messages.
F-Secure reports that the mails carry .pif or .zip file extensions that can automatically install the worm on Windows machines once the mails are opened. The worm then harvests e-mail addresses from infected machines and forwards itself via e-mail. It can also copy itself into shared folders through file sharing programs.
Anti-virus vendors report that the worm may also launch distributed denial-of-service attacks on several peer-to-peer and pirated software Web sites, including eDonkey2000, Kazaa and Cracks.st, next week.
Ryan Price, CEO of local F-Secure distributor Y3K, says the new Netsky.Q e-mail worm is spreading fast and F-Secure has issued an upgraded Radar level two alert on the virus. Symantec raised its severity rating from a level two to level three threat on its five-point rating system.
Brett Myroff, CEO of local Sophos distributor Netxactics, says the authors of Netsky.Q do not appear to have "criminal intent". He notes: "However, by virtue of the fact that they have written and sent out a mass mailing virus, whether they have criminal intent or not, does not deviate from the fact that they create productivity problems and cause financial losses by down time caused by Internet and network congestion and man hours spent cleaning infected machines."
Myroff adds that there appears to have been a sudden increase of virus activity in SA recently. "There has been a flurry of viruses in the past week. We have received numerous reports of Bagle, Netsky and AgoBot variants in the wild."
Share
