Newsletter worm targets Outlook
Security experts are warning of a new virus that uses Microsoft Outlook e-mail software to replicate itself by sending out mass...
The virus, called [email protected], emerged yesterday, where it masquerades as a newsletter published by a German security group Trojaner Info, according to a statement on Trojaner's Web site.
Sophos Anti-Virus and Symantec said the worm arrives in an e-mail with the subject line "Trojaner Info Newsletter" and the current date. Inside, users find a message in German and an attachment named yawsetup.exe.
Opening the attachment activates the worm, which burrows into a user's system and replicates itself via the user's address book and by searching files with the extensions .php, .htm, .shtm, .cgi, and .pl.
Symantec said the virus can delete files related to Windows. However that it is easy to contain and has not spread very far.
Bill Pollak at CERT Coordination Centre, a security research and information service at Carnegie Mellon University in Pittsburgh, said the group is monitoring the virus but hasn't issued an advisory.
