Worm rides tsunami
Security experts have identified a new worm that spreads by conning users into opening a document that claims to be a plea for tsunami disaster aid.
The mass mailing worm, which so far has a minimal infection rate, represents a new low on behalf of virus writers, says Brett Myroff, CEO of local Sophos distributor Netxactics. "All viruses are wrong, but to play on a disaster, where more than 150 000 people died, in order to spread a virus is just disgusting.
"I think they are really scraping the barrel."
Anti-virus vendor Trend Micro says the worm, which it calls WORM_ZAR.A, comes with the subject: "Tsunami Donation! Please Help!"
The body of the e-mail reads: "Please help us with your donation and view the attachment below! We need you!" According to Trend Micro, the worm spreads when the user opens the Tsunami.exe attachment.
Once activated, the worm seeks to send itself to all e-mail addresses on the infected machine. It also has the ability to perform a distributed denial-of-service attack on a German hacker site, www.hacksector.de.
At present, the worm is largely a non-event, although with such a prevalent topic there is always a potential to spread, says Myroff. "It`s social engineering as usual. Virus writers always harp on something that is prevalent and high-profile."