RE: New Worm virus

From: brian.duffey@intelsat.int
Date: Fri Jun 11 1999 - 07:26:00 EDT


Thanks for that bit of info. Mike.
This explains why our company had a Red Alert network shutdown yesterday so
they could put some firewall updates into place. We were lucky and missed
out on most of the Melissa problems too. (Except for a few 'rocket
scientists' who wanted to "check it out") Ummm, DUH ! Yes check it out,
thats fine, but do it on a stand alone system, not a LAN'd terminal!!!

Later,

Duff
'95 SLT 4x4 CC 318 4spd/OD - 3.55 LSD
MSD 6AL - MSD Blaster Coil - Rancho 5000/9000
MSD 8.5 wires - K&N FIPK - F&B Stage I TBI

> -----Original Message-----
> From: Mike Williams [mailto:williams@kode.net]
> Sent: Friday, June 11, 1999 4:41 AM
> To: dakotart@egroups.com; DML; Multiple recipients of
> Subject: DML: New Worm virus
>
>
> With all the all the trouble people on the list had with the
> Happy virus and Melissa. Thought I'd pass this a long. This ones
> seems nasty.
>
> ExploreZip Virus Hits Computers Around The World
>
> By Dick Satran
>
> SAN FRANCISCO (Reuters) - A new email-borne computer infection
> swept the Internet Thursday, showing up quickly in
> thousands of computers around the world and leading to the
> shutdown of some corporate e-mail systems.
>
> The new infection, ``called the ExploreZip worm,'' can erase
> files from a users' computers, making it inherently more
> dangerous
> than the Melissa virus, which gained notoriety for its ability
> to spread quickly but not because it destroyed any data.
>
> ExploreZip is known as a worm, not a virus, because it can't
> replicate itself. Computer viruses such as Melissa, which
> appeared
> in March, are written with the capability to reproduce through
> automation.
>
> But even if it can't reproduce itself, it's spreading its
> destructive force quickly, experts said. Computers in the U.S.,
> Germany,
> France, Norway, Israel and the Czech Republic were invaded, said
> Finnish computer security firm Data Fellows Corp.
>
> Network Associates Inc. (Nasdaq:NETA - news), the computer
> security firm, said it gave ExploreZip a ``high risk''
> classification because the number of incidents doubled overnight
> and it has already shown up on thousands of computers. The
> company said it believes the worm originated in Israel.
>
> The Melissa virus gained notoriety because it was the
> fastest-moving virus ever seen, and another recent virus, the
> CIH, or
> ``Chernobyl'' virus, in April, caused severe damage to a
> relatively small number of computers. ``This worm combines the
> speed
> of Melissa with the destructive payload of the CIH virus,'' said
> Wes Wasson, director of anti-virus products at Network
> Associates.
>
> The computer bug is cleverly disguised as an e-mail that appears
> to be a response to an earlier message, borrowing a page
> from Melissa, which appeared as a benign e-mail and
> surreptitiously sent messages to other users.
>
> ``I received your e-mail, and I shall reply ASAP,'' the
> ExploreZip message reads. ``Till then, take a look at the zipped
> docs.''
>
> The computer experts warned users to delete that message. Users
> who respond by clicking on the attached file will launch the
> virus into their computer that will then destroy Microsoft
> Outlook, Express and possibly other e-mail related documents.
>
> Leading computer security companies Network Associates
> (http://www.nai.com), Symantec Corp. (Nasdaq:SYMC - news)
> (http://symantec.com) and Trend Micro Inc.
> (http://www.antivirus.com) all have offered virus protection
> patches that can be
> downloaded from their sites to identify and eliminate the bug.
>
> ``Apart from the using the anti-virus software, we just
> recommend that people not open any file that they can't verify
> the origin
> of,'' said a Network Associates official.
>
> The Washington lobbying office of one major U.S. corporation was
> hit Thursday, receiving e-mail with the virus that appeared
> to be from company officials in other offices. One recipient,
> unaware of the malicious nature of the e-mail attachment, ran
> the
> program and lost numerous files.
>
> ``I think that anyone who randomly wipes out people's files is
> totally obnoxious,'' the person, who asked to remain anonymous,
> said.
>
> At Wall Street brokerage giant Merrill Lynch, the e-mail system
> was shut down to protect data after the worm was found on a
> computer. ``We learned our lesson with Melissa that you have to
> work quickly to avoid problems,'' said a spokeswoman.
>
> Computers at dozens of other companies were reported hit, and
> Network Associates said ``consumers at home will be
> affected as well.''
>
>
>
>
> --
> Mike Williams -- VP Mid-Michigan Mopar Enthusiasts
> Black T/A -- Register your T/A today via the web page below
> 99 Black Dakota R/T
> 99 Black Neon Sedan ACR
> http://mid-mich-mopars.org
>



This archive was generated by hypermail 2b29 : Fri Jun 20 2003 - 12:14:23 EDT