|
‘Homepage’ virus spreads
fast in Malta
by David Kelleher
A new virus has found its way into a number of companies in
Malta with the result that their clients have been inundated
with copies of the worm virus.
The Homepage Virus is a worm that duplicates by attaching itself
to an email and is sent out to everyone in the individual’s
Outlook Express address book. The virus does not cause any harm
to the computer but should be treated seriously by anyone receiving
the virus in an email.
A spokesman for Shireburn, representatives of Sophos Anti-Virus
in the UK, told The Malta Business Weekly that it was unusual
for the company to send a warning to its clients regarding a
spreading virus especially because nearly all such warnings
received are hoaxes.
“This is not a hoax and should be treated seriously,”
the spokesman said. “The Homepage virus has been spreading
very rapidly. Clients are once again reminded of the importance
of being vigilant.
“We are seeing that new viruses are sometimes spreading
globally even on the same day of their issue. Sophos Anti-Virus,
a world leader in corporate anti-virus protection, is urging
users to be vigilant against a new in-the-wild worm that spreads
by encouraging users to double-click on an attachment posing
as a cool webpage,” the spokesman added.
Once activated, the worm changes the user’s default webpage
to a pornographic website. The worm, known as VBS/VBSWG-X, or
Homepage, arrives in an email with the subject line “Homepage”.
The body of the text says “Hi! You’ve got to see this
page! It’s really cool.” The virus itself arrives
as an attachment to the email, called “homepage.HTML.vbs”.
VBS/VBSWG-X is an email-aware worm based around the VBSWG virus
writing kit. This is the same kit that was used to generate
the Anna Kournikova worm in February. When executed the worm
launches a viral Visual Basic Script which proceeds to forward
itself to each entry in a user’s Microsoft Outlook address
book. It also chooses one of four possible pornographic websites
to display on the victim’s screen.
“This is the latest in a long line of viruses to exploit
our natural curiosity in order to spread,” said Graham
Cluley, senior technology consultant for Sophos Anti-Virus.
“Unfortunately, it seems that the lessons of the Love Bug
have yet to be learned. Visual Basic Script files and anything
with a double-extension should automatically be blocked at the
email gateway. Users also need to be suspicious of every single
attachment they receive – no matter who it has come from.”
Sophos Anti-Virus has issued protection against VBS/VBSWG-X
which can be found at: http://www.sophos.com/virusinfo/analyses/vbsvbswgx.html
Details of the virus are already on the web site at www.shireburn.com
and of course the Sophos web site at www.sophos.com.
|
