New worm encrypts .exe files

US-based anti-virus vendor Central Command has detected a new worm that mass-mails itself to users disguised as a warning from Microsoft and encrypts executable files, rendering them unusable.

The worm, called Win32.Invalid.A@mm, can infect computers running Windows, Windows NT and Windows 2000.

Central Command rates the virus as medium risk, and said that so far there has been only one report of an infection.

But Ryan Russell, an analyst at business security firm, said the virus does pose a threat. "I think it's just early in the cycle," he said.

According to Central Command's announcement, the new worm carries a destructive payload that renders executable (.exe) applications unusable by encrypting them with a random encryption key.

The worm first verifies that an Internet connection is available and, if a connection is established, searches the My Documents folder for all files with an extension matching ".ht*". It then extracts the e-mail addresses from within the files and sends a message claiming to be from Microsoft.

Steven Sundermeier, a product manager at Central Command, said: "This new worm attempts to use social engineering to again trick users into opening its attached file. Casual Internet users are at most risk for Invalid's damaging retaliation."

The worm-embedded e-mail has a false "from" field indicating that it comes from It directs the user to download a patch to prevent buffer overruns in Internet Explorer from invalid SSL certificates.

The bogus e-mail says: "The SSL protocol is used by many companies that require credit card or personal information, so there is a high possibility that you have this certificate installed. To avoid being attacked by hackers, please download and install the attached patch. It is strongly recommended to install it because almost all users have this certificate installed without their knowledge."
