SUNNYVALE, Calif. -- Anti-virus experts at McAfee have issued a
medium-on watch alert for the W32/Navidad@m Internet worm. They
say the “Navidad” worm uses Microsoft Outlook and Outlook Ex-
press to propagate itself to other PCs. High levels of infec-
tions have been reported in the United Kingdom, South America
and Latin America, although "Navidad" infections in the United
States have been minimal. The “Navidad” worm uses MAPI Outlook
to spread. It's received by e-mail as a response to a sent e-
mail message to an infected user, with the attachment
NAVIDAD.EXE. Once infected, a blue “eye” icon appears in the
lower right corner of one's PC screen. When the cursor is plac-
ed over the icon, the text "Lo estamos mirando" (“We are watch-
ing it”) is displayed. When the "eye" icon is clicked, a button
appears reading "Nunca presionar este boton" ("Never press this
button"). When the button is pressed, a message box is displayed,
titled "Feliz Navidad", which reads "Lamentablemente cayo en la
tentacion y perdio su computadora" ("Merry Christmas. Unfortun-
ately you've given in to temptation and lose your computer").
SEMIHEMI01 (Bill C.) 2001 QC, 4.7L, 5spd. 3.55 LSD, K-N + Cool-Air, SilBlades,
10w-30 MOBIL 1, 180 T'STAT, GIBSON 3" Single Side-Swept cat-back, G-TECH,
<A HREF="http://hometown.aol.com/semihemi01/">"THE DAK"</A>
This archive was generated by hypermail 2b29 : Fri Jun 20 2003 - 11:57:23 EDT