TechTarget

Random worm threatens your systems

A mutating variant of the Klez.H virus could cause severe disruption to IT systems according to anti virus-vendor MessageLabs...

A mutating variant of the Klez.H virus could cause severe disruption to IT systems according to anti virus-vendor MessageLabs after a dramatic increase in the number of attacks.

Mark Toshack, virus analyst at MessageLabs, told CW360.Com, "It has been very difficult to identify Klez.H. Every time it arrives in an e-mail inbox it contains a random address sender and e-mail payload."

Toshack warned that no anti-virus company would be able to pre-warn users of what to expect as it was impossible to identify the attachment filename.

At 4pm on Friday, Toshack said MessageLabs had stopped 47,602 e-mails containing Klez.H viruses.

"One in every 77 e-mails sent through our MessageLabs service was a Klez.H virus," he said. This virus has been more rampant than Sircam, one of the longest-running virus attacks on the Net.

Once executed, the Klez.H worm searches the Windows address book compiling a database of contacts. It uses its own mail engine to sends an e-mail message to these addresses with itself as an attachment.

MessageLabs said the worm tries to hide its presence by filling in the "From" field in the e-mail it sends with an e-mail contact address taken from the infected computer which, it said, makes it harder to trace.

Anti-virus experts warned users that Klez.H could overwhelm e-mail servers and lock up e-mail systems. This version of the worm does not delete files, experts said.

CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

Read more

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close