If you get an e-mail that has a title of “here you have” or “Just For you” and you’re running Windows, don’t open it. It’s a dangerous virus that uses methods from the turn of the century… the 21st century…. to spread itself:
The worm arrives via emails with the subject line “Here You Have” or something similar, and the messages contain a link to a site that will download a malicious file to the victim’s PC. The malware then drops itself into the Windows directory with a file name of CSRSS.EXE, which is identical to a legitimate Windows file, according to an analysis by McAfee researchers.
“The URL does not actually lead to a PDF document, but rather an executable in disguise, such as PDF_Document21_025542010_pdf.scr served from a different domain, such as members.multimania.co.uk,” the analysis says.
From there, it’s 2001 all over again, as the worm attempts to mail itself to all of the contacts in the victim’s Outlook address book. The malware also tries to stop any security software or anti-malware programs running on the machine. McAfee’s researchers found that the worm also can spread via network shares and AutoRun.
I can see that I’ll be busy for the next few days judging from this Toronto Star story that says that Google, ABC, Coca-Cola and others have been hit hard. If you don’t want to be one of the unlucky, don’t open any e-mails with the above titles and make sure your virus definitions are up to date.
Advertisement
Like this:
Be the first to like this post.
This entry was posted on September 9, 2010 at 9:56 pm and is filed under Commentary with tags virus, Windows. You can follow any responses to this entry through the RSS 2.0 feed
You can leave a response, or trackback from your own site.
Dangerous New Virus From The Old School Hits The Streets
If you get an e-mail that has a title of “here you have” or “Just For you” and you’re running Windows, don’t open it. It’s a dangerous virus that uses methods from the turn of the century… the 21st century…. to spread itself:
The worm arrives via emails with the subject line “Here You Have” or something similar, and the messages contain a link to a site that will download a malicious file to the victim’s PC. The malware then drops itself into the Windows directory with a file name of CSRSS.EXE, which is identical to a legitimate Windows file, according to an analysis by McAfee researchers.
“The URL does not actually lead to a PDF document, but rather an executable in disguise, such as PDF_Document21_025542010_pdf.scr served from a different domain, such as members.multimania.co.uk,” the analysis says.
From there, it’s 2001 all over again, as the worm attempts to mail itself to all of the contacts in the victim’s Outlook address book. The malware also tries to stop any security software or anti-malware programs running on the machine. McAfee’s researchers found that the worm also can spread via network shares and AutoRun.
I can see that I’ll be busy for the next few days judging from this Toronto Star story that says that Google, ABC, Coca-Cola and others have been hit hard. If you don’t want to be one of the unlucky, don’t open any e-mails with the above titles and make sure your virus definitions are up to date.
Share this:
Like this:
This entry was posted on September 9, 2010 at 9:56 pm and is filed under Commentary with tags virus, Windows. You can follow any responses to this entry through the RSS 2.0 feed You can leave a response, or trackback from your own site.