CatoCooper13
New Member
- Joined
- Jun 18, 2003
- Messages
- 6,441
- Reaction score
- 4
AFP - An internet virus posing as a security update from Microsoft had been spreading quickly through e-mail, security experts said.
Experts said the virus, named Gibe-F and Swen, arrived as an e-mail attachment masquerading as a security patch. It exploited a vulnerability in internet Explorer.
Users opening the e-mail get a message saying, "This will install Microsoft Security Update. Do you wish to continue?" But experts said the worm installed itself even if the user clicked "No".
"Once an attachment carrying the virus is opened, the Gibe worm starts spreading and producing authentic-looking 'install and update' windows," said the security firm MessageLabs.
"While doing so, it searches hard drives for e-mail addresses and begins mass mailing out additional copies of itself and attempts to render inactive existing security and anti-virus products, opening users up to future vulnerabilities."
"Recent virus outbreaks such as Blaster, Nachi and Sobig-F have raised many users' awareness of computer security," said Graham Cluley of the British-based firm Sophos Anti-Virus.
"Users may think it is a good idea to install any security patch which is sent to them. Unfortunately, they may be falling straight into the virus writer's hands."
Cluley noted that Microsoft and other firms "never send out security patches by e-mail, which makes the Gibe worm a dead giveaway".
MessageLabs said it intercepted more than 35,000 copies of the virus across 84 countries.
The initial copies all originated from Slovakia and some later copies originated from the Netherlands, MessageLabs said.
The Finnish security firm F-Secure noted that the virus can be spread through the KaZaA music-swapping software by copying itself to KaZaA shared folders.
"During (the) installation process the worm enables sharing for KaZaA client, copies itself several times into KaZaA shared folders," F-secure noted.
©AAP 2003
Another one?! Geez...those people who created those viruses must have a lot of time on their hands to research and learn how to create computer viruses and wreak havoc on the 'Net.
Experts said the virus, named Gibe-F and Swen, arrived as an e-mail attachment masquerading as a security patch. It exploited a vulnerability in internet Explorer.
Users opening the e-mail get a message saying, "This will install Microsoft Security Update. Do you wish to continue?" But experts said the worm installed itself even if the user clicked "No".
"Once an attachment carrying the virus is opened, the Gibe worm starts spreading and producing authentic-looking 'install and update' windows," said the security firm MessageLabs.
"While doing so, it searches hard drives for e-mail addresses and begins mass mailing out additional copies of itself and attempts to render inactive existing security and anti-virus products, opening users up to future vulnerabilities."
"Recent virus outbreaks such as Blaster, Nachi and Sobig-F have raised many users' awareness of computer security," said Graham Cluley of the British-based firm Sophos Anti-Virus.
"Users may think it is a good idea to install any security patch which is sent to them. Unfortunately, they may be falling straight into the virus writer's hands."
Cluley noted that Microsoft and other firms "never send out security patches by e-mail, which makes the Gibe worm a dead giveaway".
MessageLabs said it intercepted more than 35,000 copies of the virus across 84 countries.
The initial copies all originated from Slovakia and some later copies originated from the Netherlands, MessageLabs said.
The Finnish security firm F-Secure noted that the virus can be spread through the KaZaA music-swapping software by copying itself to KaZaA shared folders.
"During (the) installation process the worm enables sharing for KaZaA client, copies itself several times into KaZaA shared folders," F-secure noted.
©AAP 2003
Another one?! Geez...those people who created those viruses must have a lot of time on their hands to research and learn how to create computer viruses and wreak havoc on the 'Net.
