Feeds

Deadlier Love Bug variant spotted in wild

Massive outbreak of Outlook patch downloading to ensue...

  • alert
  • submit to reddit

Bridging the IT gap between rising business demands and ageing tools

A more dangerous and difficult to track variant of the Love Bug is on the loose. Like Love Bug it uses Microsoft Outlook to propagate, but it's more destructive, and has the ability to vary the headers on infected messages - so unlike the Love Bug, it can't be tracked simply by scanning incoming headers.

According to Symantec, VBS.LoveLetter.FWA chooses a recently opened file from the Start/Document folder of the Microsoft Start menu, and uses this as the header, preceded by a FW:. What the recipient actually gets is a Visual Basic script attachment of the same filename, and when opened this overwrites files and trashes the computer. It affects both local drives and networked ones the user has write privileges to.

Symantec is classing it as a category four alert, a dangerous threat type that is difficult to contain. Its recommendation as an initial defence is to scan for a subject line that contains "FW" alongside an attachment with a .vbs extension. So would all you bozos out there still scanning the body of messages with no attachments please stop it?

Trend Micro, which says it's already posted an updated pattern file for the virus, adds the interesting information that it adds lines of random code to itself as it goes, so it's getting bigger. Trend has spotted a whopper of 400k, and the increasing attachment size will make it more and more likely that infected machines will knock mail systems over. Trend has a different take on behaviour though - the company says it goes through all directories and replaces all files with ones that are zero bytes in length.

So are there two of them? We'll know soon enough... ®

Build a business case: developing custom apps

More from The Register

next story
BBC goes offline in MASSIVE COCKUP: Stephen Fry partly muzzled
Auntie tight-lipped as major outage rolls on
iPad? More like iFAD: We reveal why Apple ran off to IBM
But never fear fanbois, you're still lapping up iPhones, Macs
Nadella: Apps must run on ALL WINDOWS – PCs, slabs and mobes
Phone egg, meet desktop chicken - your mother
ITC: Seagate and LSI can infringe Realtek patents because Realtek isn't in the US
Land of the (get off scot) free, when it's a foreign owner
HP, Microsoft prove it again: Big Business doesn't create jobs
SMEs get lip service - what they need is dinner at the Club
Samsung threatens to cut ties with supplier over child labour allegations
Vows to uphold 'zero tolerance' policy on underage workers
Dude, you're getting a Dell – with BITCOIN: IT giant slurps cryptocash
1. Buy PC with Bitcoin. 2. Mine more coins. 3. Goto step 1
There's NOTHING on TV in Europe – American video DOMINATES
Even France's mega subsidies don't stop US content onslaught
You! Pirate! Stop pirating, or we shall admonish you politely. Repeatedly, if necessary
And we shall go about telling people you smell. No, not really
prev story

Whitepapers

Seven Steps to Software Security
Seven practical steps you can begin to take today to secure your applications and prevent the damages a successful cyber-attack can cause.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.