Feeds

'Alien greeting' harbours Windows malware

Plan 9 from cyberspace

  • alert
  • submit to reddit

Protecting users from Firesheep and other Sidejacking attacks with SSL

A message purporting to come from an alien is in reality, you've guessed it, the latest Windows PC-infecting computer virus. The Sundor-A worm displays a picture of an alien with the following message: "I'm the alien. Have a happy week. I liked your computer" upon infection.

If you open an infected Word document you get the pox. Sundor-A then goes about deleting programs and documents from the infected computer's hard drive and disabling security software, potentially leaving compromised PCs open to further attack.

Sundor-A relies on someone to deliberately send infected files to prospective victims. It doesn't mass-mail itself, a factor that has limited the spread of the malware. "In many ways it's an old school virus. We don't see anything like as many Word viruses as we did back in the mid-late 1990s, and its graphical payload seems like the behaviour of older 'classic' viruses too. It is possible that some users may believe that it is a joke program sent from a friend rather than something deliberately malicious," said Graham Cluley, senior technology consultant at anti-virus firm Sophos.

Sundor-A is a low risk virus but Windows users would still be well advised to keep their anti-virus protection up-to-date and to practice safe computing, such as by avoiding the temptation to open suspicious-looking emails. You know it makes sense. ®

Related stories

Area 51 'hacker' charges dropped
Romanian villagers flee disco-dancing aliens
Methane on Mars: aliens - or farts in a jacuzzi?
SETI has not found ET: official

The next step in data security

More from The Register

next story
Israeli spies rebel over mass-snooping on innocent Palestinians
'Disciplinary treatment will be sharp and clear' vow spy-chiefs
Infosec geniuses hack a Canon PRINTER and install DOOM
Internet of Stuff securo-cockups strike yet again
THREE QUARTERS of Android mobes open to web page spy bug
Metasploit module gobbles KitKat SOP slop
'Speargun' program is fantasy, says cable operator
We just might notice if you cut our cables
Apple Pay is a tidy payday for Apple with 0.15% cut, sources say
Cupertino slurps 15 cents from every $100 purchase
YouTube, Amazon and Yahoo! caught in malvertising mess
Cisco says 'Kyle and Stan' attack is spreading through compromised ad networks
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
Greater dev access to iOS 8 will put us AT RISK from HACKERS
Knocking holes in Apple's walled garden could backfire, says securo-chap
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.