Click to return to BOL home page
Banker Store Read A Reg BOL Insiders Career Connect Learning Connect Bankers Information Network

   

















    Site Map

    Our Sponsors

    Home


















January 31, 2002

Print Friendly! Email This Article! Discuss NOW!



NIST Virus Info
Top Threat List
McAfee Anti-Virus
F-Secure
Trend Micro
Wells' Wild List
Stiller Research
Tracking Map
Virus News
Virus Myths/Hoaxes


Copycat Virus Unleashed
As if the hangover from "My Party" wasn't enough to deal with, malicious copycat pranksters unleashed a new virus this week dubbed "W32.Porma@mm". The mass-mailing email worm is distributed via email with the subject line, "pornoman recommends". The Body of the message reads, "visit the site.. sex, sex, sex and more sex". The attached file, http.www.sex.com looks like a web address.

The clever part about this strain of virus is that the attachment is deceiving. It appears as a link to a web site address, but it isn't. The ".com" part of the address actually signifies that the file is a program. If you click on the .com file, you execute the program.

When the program is run, the W32.Porma@mm worm sends itself to all contacts in the Microsoft Outlook address book. It also copies itself to C:\http.www.sex.com.

Users should remain on the look-out for this new style of email worm. According to Donal Casey, of security firm Activis, this new style of worm represents " a new direction for virus authors as they are utilising the fact that web addresses can end in .com, also the extension DOS executable command files."

"As this is a new direction for viruses, I would expect to see a rash of viruses using this technique in the short term until users become educated and do not randomly click on web links delivered through email."

Symantec first reported this worm on January 29 and has listed its potential distribution as high.

Previous Tech Alerts:
01/30/02 Netscape Browser Vulnerable to Cookie Theft
01/28/02 "My Party" Mass Mailing Worm
01/18/02 IT Contingency Planning Guide, Information Security Checklist and Solaris Vulnerability
01/15/02 Trojan.StartPage Alters Web Browsers
01/12/02 New Internet Worm Gigger Masquerades as Microsoft Outlook Upgrade
01/08/02 Microsoft Universal Plug and Play Vulnerability
12/20/01 Holiday Themed Computer Virus Unleashed




Home | Compliance | Lending | Operations | Security | Marketing | Technology | eBanking
BOL Archives    Privacy Policy    Important Disclaimer   Recommend This Site !   Contact Us


BankersOnline is a free service made possible by the generous support of our advertisers and sponsors. Advertisers and sponsors are not responsible for site content. Please help us keep BankersOnline FREE to all banking professionals. Support our advertisers and sponsors by clicking through to learn more about their products and services.