Klez worm infects and infuriates
Print storyHere we go again
Posted in Anti-Virus, 18th April 2002 08:45 GMT
Free whitepaper – Securing your online data transfer with SSL
A fresh variant of the Klez worm is spreading across the Internet this afternoon.
Klez-H, which antivirus vendors rate as a moderate risk, is capable of spreading by either email or network shares. The worm comes bundled with the ElKern virus, which tries to infect all executable files in the "Program Files" folder. It also attempts to disable on-access virus scanners, among its other tricks.
On infected machines, the worm sends an email message containing an infected attachment to email addresses harvested from the Windows address book, ICQ database, or local files. The subject line, message bodies, and attachment file names are random.
Russian virus fighters Kaspersky Labs report that Klez-H has "already resulting in numerous computer infections in many countries including Japan, China, Austria and the Czech Republic". Managed services firm, MessageLabs, which scans its users email for viruses, reports blocking thousands of copies of the bug.
Users are advised to update their antivirus software and delete any suspicious emails without opening them. ®
Free whitepaper – Certify your software integrity with Thawte code signing certificates
The business case for application security
Reducing messaging and web security costs with managed services
Avoiding 7 common mistakes of IT security compliance
Server-gated cryptography
Airport insecurity: the case of lost laptops
Feds: Hospital hacker's 'massive' DDoS averted
Buggy 'smart meters' open door to power-grid botnet
Microsoft knew of nasty IE bug a year before attacks
BlockMaster SafeStick hardware-encrypted USB drive