Netsky-D makes your PC go beep, beep, beep
Put on your tin-foil hat
Posted in Malware, 1st March 2004 18:52 GMT
Free whitepaper – Application Performance Management:
An email worm posing as a PIF file is spreading rapidly across the Net today.
The Netsky-D worm is clogging in-boxes already sagging under the collective load of five new variants of the Bagle worm and sundry other irritants.
Netsky-D normally arrives in email with a variety of subject names (including Re: Approved, Re: Details, Re: Document, Re: Your letter), message texts and a PIF attachment. As usual, the worm is a Windows-only menace.
Anti-virus software firm are split between rating Netsky-D as high risk (F-Secure, Kaspersky, Trend, Sophos), medium risk (Network Associates) and low risk (Symantec).
Email filtering firm MessageLabs blocked more than 54,000 copies today. Natasha Staley, a consultant with the company, said: "It's out there and spreading but it's nowhere on the big as MyDoom."
Tomorrow morning (March 2) between 06:0am and 8:59am the worm will try to activate PC speakers into making a constant beeping noise. It's unclear if this is simply more mischief or an attempt to push infected users into cleaning up their PCs.
Like its siblings, Netsky-D tries to make registry-key changes, including some that are de-activate any lurking copies of MyDoom-A and MyDoom-B viruses.
Advice from AV vendors follows a familiar pattern: block executables files at the gateway, don't open unsolicited email attachments, update AV signature files and wear a regulation tin-foil hat. ®
Related Stories
Netsky B is very pesky
MyDoom and Netsky cause chaos
Fistful of Bagles shoot up the Net
The Register Guide to managing spam
The Evolving Security Landscape
The Register Guide to Extended Validation
The Register Guide to Web Security
Linux on the Desktop
