 |
||||
 | |
| ||
|
||||
| ||||
|
|
||||
Careers
Convergence
Data Center
LANs
Net/Systems Mgmt.
NOSes
Outsourcing
Routers/Switches
Security
Service Providers
Small/Med.
Storage
WAN Services
Web/e-commerce
Wireless/Mobile
Newsletters
This Week in NW
Tests/Reviews
Buyer's Guides
Opinion
Forums
Special Issues
How to/Primers
Case Studies
Network Life
Encyclopedia
IT Briefings
Security /
'Anna Kournikova' computer virus on the loose
 
|
|||
 | |||
|
If someone sends you e-mail that appears to have the JPEG image of tennis star Anna Kournikova attached to it, don't open the JPEG. It's actually hiding a computer virus that will execute a mass mailing of itself once the JPEG is opened, if you're using Microsoft Outlook.
Antivirus software vendors say the "Anna Kournikova" JPEG file is hiding a Visual Basic Script (VBS) file that, when executed, grabs names from Microsoft's directory to mail the virus to other recipients. Network Associates, Symantec and Computer Associates are three vendors that have readied antivirus updates to combat the rapidly spreading "Anna Kournikova." They all agree the virus carries no harmful payload, such as eradicating files or other damage. But it is clogging e-mail servers in what could amount to a denial-of-service attack because it's spreading fast.
"It doesn't appear to be destructive, but it does utilize bandwidth in a harmful way," says Ian Hameroff, Computer Associates business manager for antivirus solutions.
Advertisement: |
Lian Yu, product manager for Symantec's Norton AntiVirus Corporate Edition, says one tactic for protecting against executing the "Anna Kournikova" VBS virus is to make sure each user's Microsoft Outlook Express mail client is not set at the default, which runs VBS automatically. Yu said Microsoft late last year issued a patch to block the default setting.
Yu noted that the "Anna Kournikova" virus arrives with the e-mail subject line "Here you are!" or "Here you go!" and seems to carry a picture of the popular sports celebrity. "It's something that might be sent in a friendly way from one user to another," Yu said. "And it's spreading very rapidly."
Computer Associates noticed the "Anna Kournikova" worm does exhibit one peculiarity that is still being investigated. "On the 26th of January - of any particular year - it will launch your Web browser to a Web site in the Netherlands," Hameroff pointed out.
Network Associates' McAfee division also has identified this trait, noting that the "Anna Kournikova" virus is targeting Web site www.dynabyte.nl. The reason why is unknown, said McAfee's solutions marketing manager Ryan McGee, adding the site might best be avoided.
But in theory, a computer infected with the "Anna Kournikova" virus could find that interaction with the Web site could bring some unsuspected damage that is not yet fully understood. Anyone who has unwittingly opened the "Anna Kornikova" virus should be sure to run the appropriate antivirus software to eliminate traces of it.
The "Anna Kournikova" virus is spreading as rapidly as the Melissa and Love Letter viruses did, with one corporate customer reporting an influx of 4,500 e-mails per hour with the "Anna Kournikova" JPEG attachment, McGee said. He noted that some corporate customers are blocking the virus with virus scanning at e-mail gateways.
Contact Senior Editor Ellen Messmer
Other recent articles by Messmer
Related Links
 |
 |
 |
|||||
|
|
|
|
|
|||
