Free Republic

New Internet worm disguised as e-Christmas card
AFP | Dec 15, 2004

Posted on 12/14/2004 5:50:22 PM PST by Tumbleweed_Connection

Internet security experts have warned of a new virulent email worm that is particularly successful at infecting computers because it is disguised as a multilingual electronic Christmas card.

"We think this worm will be big because of its timing and the fact that it comes in 15 different European languages," said Mikko Hyppoenen, head of anti-virus research at Finnish firm F-Secure.

The virus, dubbed Zafi D, is a traditional Internet worm that infects computers by email and distributes itself by using email lists on contaminated personal computers.

Its Christmas greeting is in the language of the recipient, decided by the country code - like ".fi" or ".fr" - at the end of the email address, making it all the more dangerous.

Mr Hyppoenen says it also opens a back door on infected PCs, making it possible for outsiders to use them to distribute unsolicited bulk email advertisements, or spam, and to launch malicious attacks to close down websites.

He says the earlier variants of the Zafi Internet worm family were highly dangerous viruses, with the B variant still among the top 10 most virulent bugs several months after it was launched.

While this is the first Zafi worm disguised as a Christmas card, the phenomenon is not new.

"We have seen these hoaxes for several Christmases already and personally I prefer traditional pen and paper cards and we recommend this to all our clients too," Mr Hyppoenen said.


TOPICS: News/Current Events
KEYWORDS: infection; internet; virus; worm

1 posted on 12/14/2004 5:50:23 PM PST by Tumbleweed_Connection

To: Tumbleweed_Connection

If you have a good anti-virus scanner to scan your e-mail you're safe. If you see a Christmas Card greeting in your in-box, delete it.


2 posted on 12/14/2004 5:53:19 PM PST by goldstategop (In Memory Of A Dearly Beloved Friend Who Lives On In My Heart Forever)

To: goldstategop; Tumbleweed_Connection

If your ISP is anything like mine, you don't see this kind of stuff in your in-box.


3 posted on 12/14/2004 5:58:28 PM PST by BigSkyFreeper (Congratulations President-Re-Elect George W. Bush!)

To: Tumbleweed_Connection
Per Symantec, Win32.Erkez.D, also known as Win32.Zafi.D [Computer Associates], Zafi.D [F-Secure], W32/Zafi.d@MM [McAfee], W32/Zafi.D.worm [Panda], W32/Zafi-D [Sophos], WORM_ZAFI.D [Trend Micro] is a new, highly wild and distributed worm that causes medium damage.

Sounds like a good idea not to open it, even if you do have a good anti-virus pack installed.
4 posted on 12/14/2004 6:32:01 PM PST by dr_pat (Life is sexually transmitted.)

To: Tumbleweed_Connection

I'm sure it will infect our home computer. My wife's silly girlfriends forward this kind of stuff to her without fail.


5 posted on 12/14/2004 6:34:04 PM PST by Fitzcarraldo

To: Fitzcarraldo
I'm sure it will infect our home computer.

Only if you choose to open the attachment. Plus, your antivirus software should light up like a roman candle as it scans your incoming email when it finds this one.

6 posted on 12/14/2004 7:25:49 PM PST by upchuck (This tag line shutdown for it's "30,000 messages posted" check up.)

To: Tumbleweed_Connection; All
Help for viruses and malware:
 
 Ad-Aware ... Spybot ... Peper Uninstaller ... HijackThis... CWShredder ... Spyware Blaster ... IE Spyad ... Free online Virus scan ... AVG AntiVirus ... LSPfix ... How to Show Hidden Files ... How to boot into Safe Mode ... How did I get infected in the first place?


Things you need--(all FREE)
Anti-Virus
AVG Anti-Virus version 7 (free) release available...
 Avast
Firewall
Kerio(Direct Download) Zone Alarm
If you are using Zone Alarm it may slow your PC. Try Outpost Firewall http://www.agnitum.com/products/outpost or Sygate Firewall http://www.sygate.com/; both have FREE and Pro versions and are heads above ZA.
Misc.
IE Spyads SpywareBlaster Spyware Guard
Windows Update- you must keep updated, it is the start of a secure system-
get all CRITICAL Updates

Things you want(Still Free)
 
 Get Firefox I use Firefox PR1 and IMHO, beats the sox off MS Explorer. Life is good with tabs. Click the link and give it a try.

Ad-Aware
Spybot S&D
SpywareBlaster
MS MVP Hosts file
Mike Lin's Homepage and get the Startup Control Panel and Startup Monitor tools.
 
The best forum for malware removal:
-SWI Forums-


Three fast suggestions?

1- keep your OS updated-- first line of defense.
2- use another browser besides IE... even that old Netscape 4.7 you forgot about on a free disc is better, but you will like Firefox- try it today.
3- set up a home network and hide behind a hardware firewall.

7 posted on 12/15/2004 12:41:43 AM PST by backhoe (Just an old Keyboard Cowboy, ridin' the Trackball into the Dawn of Information...)

To: backhoe

Thanks for posting all of that. I do like Firefox.


8 posted on 12/15/2004 12:45:29 AM PST by MarMema

To: MarMema

Thanks for looking-- my wife found 535 malicious files on her office PC the first time she ran Ad-aware a few months ago... claimed it was "teenagers getting into the office after hours..."


9 posted on 12/15/2004 12:52:05 AM PST by backhoe (Just an old Keyboard Cowboy, ridin' the Trackball into the Dawn of Information...)

To: backhoe
LOL. My 16 yo daughter just cannot understand why she gets all the junk she does on hers. If you watch her she is all over the internet with scores of pop-ups and ads on sites.

Finally she is so slow that the thing hardly moves, and my husband reformats the hard drive.

10 posted on 12/15/2004 12:55:41 AM PST by MarMema

To: MarMema
Finally she is so slow that the thing hardly moves, and my husband reformats the hard drive.

Yep, the old "fdisk & format C: /s" cure will get anything, except that nasty stuff that flashes the BIOS chips in various subsystems. I've tossed out two CD burners so infected, before I got a hardware firewall.

11 posted on 12/15/2004 1:03:29 AM PST by backhoe (Just an old Keyboard Cowboy, ridin' the Trackball into the Dawn of Information...)

To: backhoe

Hmmm, how would you find out you had whatever that is?


12 posted on 12/15/2004 1:06:19 AM PST by MarMema

To: MarMema
The drives in question started making eerie noises, popping the tray in & out, and the LEDs went through color changes that I have never seen before-- amber, green, red... and, naturally, the drives didn't work at all.

Web research found references to "coffee cup," a virus that pops the tray out, but I never found what was actually causing it.

Since the BIOS chips in most new hardware are flashable, I surmised that was causing it.

At the time, the only company offering to re-flash any BIOS was in England, so I decided it was cheaper, and less hassle, to replace the drives.

This was about the same time I got a newer PC and a firewall, so I never learned the cause.

And despite all the "stuff" between me & the internet, I found "imscan.dll" lurking in the machine last night. Vermin!

13 posted on 12/15/2004 1:19:19 AM PST by backhoe (Just an old Keyboard Cowboy, ridin' the Trackball into the Dawn of Information...)

To: backhoe

Thanks for the info. It's a never ending attack, I know.
They are vermin.


14 posted on 12/15/2004 1:21:09 AM PST by MarMema

To: MarMema
It's a never ending attack, I know. They are vermin.

The more rational side of me wants to see these characters triple-fined for lost time and damages...

...the more atavistic side wants them stripped in public, in the town square, flogged, and then chained to the whipping post for a week.

And forced to trim the grass in the public square with a pair of manicure scissors...

...and, no, I am not kidding about that public whipping at all. Maybe if we re-introduced the element of humiliation and shame, the scum who write and propagate this garbage would see how much they are despised. I spent two weeks clearing their junk out of my home systems, and I am still in a vengeful mood.

15 posted on 12/15/2004 1:41:37 AM PST by backhoe (Just an old Keyboard Cowboy, ridin' the Trackball into the Dawn of Information...)

To: Tumbleweed_Connection
I think my computer is infected or hijacked. What should I do?

Wilders Security Forums

CastleCops

Secunia - Vulnerability and Virus Information

16 posted on 12/15/2004 1:44:04 AM PST by this_ol_patriot

To: backhoe

It is really frustrating. The thing that I used to get were those homepage diversions. I had to wonder if they thought that in your frustration and anger you would really buy something from them. I would think most people would make sure to never buy from those who hijack your homepage.


17 posted on 12/15/2004 1:57:13 AM PST by MarMema

To: MarMema

Windows downloaded four critical updates this morning. I am installing them now.


18 posted on 12/15/2004 2:03:58 AM PST by goldstategop (In Memory Of A Dearly Beloved Friend Who Lives On In My Heart Forever)

To: goldstategop

Thanks. I had better tell my daughter. :-)


19 posted on 12/15/2004 2:24:18 AM PST by MarMema

To: goldstategop
Windows downloaded four critical updates this morning-

Thanks- going there now.

20 posted on 12/15/2004 2:45:29 AM PST by backhoe (The 1990's? The Decade of Frauds...)