Information Security News mailing list archives
Zoher Worm Gives Unwelcome Christmas PC Present
From: InfoSec News <isn () c4i org>
Date: Thu, 27 Dec 2001 01:54:51 -0600 (CST)
http://www.newsbytes.com/news/01/173214.html By Steve Gold, Newsbytes LONDON, ENGLAND, 26 Dec 2001, 8:33 AM CST PC users returning to their machines after the Christmas break should take care to update their security software, after two antivirus firms issued warnings about the Zoher worm. F-Secure issued a level two security alert to users on its Radar security advisory service over the Christmas break. Level two is one of three alert levels. Level two means the virus is active in the wild and is technically sophisticated. In its advisory to customers, F-Secure says that Zoher worm arrives in an e-mail with the subject line of "Scherzo!" and with a Javascript attachment. The worm executes automatically on some systems. Russia's Kaspersky Lab issued a Christmas Day alert to customers about Zoher, which it says is 6.6 kilobytes large and coded in assembler language. The Moscow-based antivirus company adds that the message body is quite long and has been written in Italian. Kaspersky says that the code uses a similar approach to the Nimda worm - it can be activated from an infected e-mail when a user simply reads or previews a message. Kaspersky advises users not to open the infected e-mail more than once or else the worm will propagate itself from the users' PC. F-Secure's Web site is at http://www.f-secure.com . Kaspersky Lab's Web site is at http://www.kaspersky.com . - ISN is currently hosted by Attrition.org To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY of the mail.
Current thread:
- Zoher Worm Gives Unwelcome Christmas PC Present InfoSec News (Dec 27)