Off topic: E-mail 'worm' disguised as holiday greeting
Thread poster: Monika Coulson
| | Monika Coulson
Local time: 15:41
English to Albanian
E-mail 'worm' spreads holiday jeers
Program disguised as holiday greeting poses 'medium' threat
Grinch-like virus writers are spreading their version of holiday cheer by embedding a variant of the so-called "Zafi" e-mail worm inside electronic greetings.
E-mails with the misspelled attachment "Happy Hollydays" arrived in inboxes Tuesday, with the subject line "Merry Christmas." A worm is hiding inside the attachment.
It propagates itself via e-mail contact lists when the attached file is opened and could render infected computers more vulnerable to spammers or hackers.
The worm spread overnight across 18 European countries, including Great Britain, France, Germany and Italy, but was not expected to make waves in the United States. The Europe-U.S. time difference gave antivirus companies stateside some breathing room.
"Zafi hit the European countries hard and fast this morning at 4 a.m. their time," said Patrick Hinojosa, CTO of the security software company Panda Software, "People open e-mail mainly at work though, so companies here in the U.S. would have already updated their virus protection by the time Americans were waking up."
Hinojosa said as soon as a virus is detected, security software companies scramble to reverse-engineer the code, create a detection file, and then send updated virus definitions out to clients. Most large corporations download the latest virus definitions in the wee hours, before employees arrive.
The first version of Zafi was detected last April. This is the fourth variant. The latest one, however, has a clever twist: It translates "Merry Christmas" into various languages as determined by the domain name. The worm knows that a .fr domain would probably be a French recipient, whereas a .de person would most likely speak German. An embedded translation program matches the domain name with the appropriate holiday greeting, thus increasing the likelihood of the recipient opening the mail.
"We call it social engineering," said Joe Hartmann, a director of North American Research at the antivirus company Trend Micro. "Are you going to open a message with Swedish text in it if you don't speak Swedish? Probably not. But you might if it were in your own language."
Hartmann said that this latest worm does not stack up to the big worms this year, such as Bagle, MyDoom and Netsky, which each had millions in distribution worldwide. Hartmann said Zafi has "only in the thousands, globally."
So far antivirus companies are issuing "medium" threat warnings, and will continue to monitor the worm's spread.
[Edited at 2004-12-15 18:43]
| || || |
| Use a Firewall || Dec 16, 2004 |
We had this arrive in our inbox on Tuesday, Windows XP Firewall on the infected machine intercepted the virus's attempt to send outgoing emails and blocked them while waiting for Symantec to update it's definitions. Norton quickly and easily found it and removed it after the definitions update.
Moral of this story... Firewalls work, use them!
To report site rules violations or get help, contact a site moderator:
You can also contact site staff by submitting a support request »
E-mail 'worm' disguised as holiday greeting
|The words you want Anywhere, Anytime|
WordFinder is the market's fastest and easiest way of finding the right word, term, translation or synonym in one or more dictionaries. In our assortment you can choose among more than 120 dictionaries in 15 languages from leading publishers.
More info »
|Translation Memory Software for Any Platform|
Exclusive discount for ProZ.com users!
Save over 13% when purchasing Wordfast Pro through ProZ.com. Wordfast is the world's #1 provider of platform-independent Translation Memory software. Consistently ranked the most user-friendly and highest value
More info »