LoveGate.C affects Windows users when they open up an infected attachment. According to Raimond Genes, European...
president of operations at anti-virus vendor Trend Micro, this latest variant of the LoveGate worm is particularly devious.
"LoveGate.C replies to incoming e-mail with a message that looks like it came from the real sender," he said.
Using social engineering, the worm replies to a genuine message with a text that says: "I'll try to reply as soon as possible. Take a look to the attachment and send me your opinion."
According to data from the VirusEye service from anti-virus firm MessageLabs, South Africa has seen the worst of LoveGate.C so far with 1,168 occurrences detected and stopped by MessageLabs by midday on Monday 24 February. At the time of writing, the figure from MesageLabs for the UK was 208.
Paul Wood, information security analyst at MessageLabs, said, "It is difficult to say whether LoveGate.C represents a large threat." But, he added, home users and people who do not have the resources to update their AV software and operating systems frequently might unwittingly help to propagate it for many months.
Trend Micro's Genes said that the full impact of the worm will be seen when the US comes online. "LoveGate.C could spread very efficiently in the States as people in the US tend to click [and open attachments] first and ask questions later."
Anti Virus software firms have rated LoveGate.C "medium risk" and users will need to update their AV signatures and pre-empt attacks by warning users of this latest threat to IT security.