Feeds

Virus 'talks' to victims

Turkish delight

  • alert
  • submit to reddit

Secure remote control for conventional and virtual desktops

Virus writers have created a piece of malware that 'talks' to victims. The Amus email worm uses Windows Speech Engine (which is built-in to Windows XP) to deliver a curious message to infected users.

The message reads: "How are you. I am back. My name is mister hamsi. I am seeing you. Haaaaaaaa. You must come to turkiye. I am cleaning your computer. 5. 4. 3. 2. 1. 0. Gule. Gule." ("Gule. Gule" is Turkish for "Bye. Bye". "Hamsi" is a small fish, like an anchovy, found in the Black Sea). Finnish anti-virus firm F-Secure has posted a sound file generated by the message here.

The worm is not widespread, and most AV vendors rate it as a low risk. Amus spreads by email, using subject lines such as "Listen and Smile". Windows users who open an infected attachment help spread the worm and trigger the launch of the sound file. The worm also changes IE settings, so users see a message in Turkish (complaining about the quality of local telecoms) instead of visiting their usual start page. ®

Related stories

Gizza job, virus writers ask AV industry
Zafi-b speaks in many tongues
German hate mail spam attack stuns experts
WinXP SP2 = security placebo?
Microsoft's New Security Mojo

New hybrid storage solutions

More from The Register

next story
Israeli spies rebel over mass-snooping on innocent Palestinians
'Disciplinary treatment will be sharp and clear' vow spy-chiefs
Google recommends pronounceable passwords
Super Chrome goes into battle with Mr Mxyzptlk
Infosec geniuses hack a Canon PRINTER and install DOOM
Internet of Stuff securo-cockups strike yet again
THREE QUARTERS of Android mobes open to web page spy bug
Metasploit module gobbles KitKat SOP slop
'Speargun' program is fantasy, says cable operator
We just might notice if you cut our cables
Apple Pay is a tidy payday for Apple with 0.15% cut, sources say
Cupertino slurps 15 cents from every $100 purchase
Snowden, Dotcom, throw bombs into NZ election campaign
Claim of tapped undersea cable refuted by Kiwi PM as Kim claims extradition plot
YouTube, Amazon and Yahoo! caught in malvertising mess
Cisco says 'Kyle and Stan' attack is spreading through compromised ad networks
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.