Security vendor mass-mails worm to clients

[InfoSec News <isn () c4i org>]

http://www.vnunet.com/News/1153081

By Gareth Morgan 
[26-02-2004]

Antivirus firm F-Secure has apologised for sending the Netsky.B virus
to several thousand of its UK customers and partners via a mailing
list.

The email apology said: "Because of a human error, you may have
received an email infected with the Netsky.B virus that was relayed
through our external email list server and was resent to our UK
mailing list.

"The virus did not originate from our network - it was sent by an
unknown party to the list address. If you had up-to-date antivirus
installed, the virus has been stopped automatically already and no
further steps are necessary on your part."

Mikko Hypponen, F-Secure's director of antivirus research, said the
mailing list was outside of the firm's normal email scanning.

"There was no need for us to accept external emails being sent to the
list. We have rectified this, and contacted the people on the list to
warn them," he told vnunet.com.

He said steps had been taken to ensure this could not happen again.

The Netsky.B worm spreads itself in emails inside a .zip archive or as
an executable attachment. It also copies itself to shared folders of
all available drives. This allows the worm to spread through
peer-to-peer and local networks.

One recipient, who wished to remain anonymous, told vnunet.com: "It's
not very good is it, coming from an antivirus firm? You'd expect
better."



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.