Worm Virus Offspring is here, One Month And A Day Earlygreenspun.com : LUSENET : TimeBomb 2000 (Y2000) : One Thread |
As off 3:00 AM AP Wire News is reporting That the virus know as, Worm.Explore.Zip, has a child named, The Mini-Zip virus. Whoops..it just made CNN HeadLine News as I type this out. But any way...This will surprise many East-Coasters in the morning, when they open their mail. It broke out in San Fransico late Tuesday afternoon so.....I thought these virus's were suppose to wait until Dec. 31 and attack all at once? That was the government forecast. Can we expect Y2K to come early as well?
-- SilentRunnig (CanYouHearMe@Calling.You), December 01, 1999
http://dailynews.yahoo.com/h/nm/19991201/bs/tech_virus_2.htmlWednesday December 1 12:20 AM ET
Security Firms Reports New Virus Outbreak
SAN FRANCISCO (Reuters) - Computer security firms reported on Tuesday a new outbreak of the Explorer Zip computer ``worm,'' one of the most damaging computer infections ever seen.
The bug was being carried with a different kind of compression software, the computer security firms said, but the effect is the same. The worm can destroy files and data, and the last outbreak earlier this year cost hundreds of millions of dollars damage in thousands of computers around the world.
Because it is a new version of the virus, it has eluded existing anti- virus software, though major firms quickly upgraded programs that combat the bug.
The Network Associates Inc. (NasdaqNM:NETA - news), the world's largest computer security firm, said it had reports from 10 major companies in the high-tech and entertainment businesses that were hit by the e-mail-borne bug.
Dan Schrader, vice president of new technology at Trend Micro Inc. (NasdaqNM:TMIC - news) said that three large corporations reported incidents during the day.
The so-called Trojan horse arrives as an e-mail that has the target user's own name on it, and it appears to be from a friend. The recipient is invited to open an attached file that destroys files on the user's disk drive when it is opened.
``It's very insidious -- there's a bit of social engineering going on here,'' said Schrader.
The Trojan horse ``contains a destructive payload,'' he said, which searches though hard drives and selects a series of files and destroys them by making them zero bytes long. This can make the files unrecoverable.
Schrader said that the way to avoid the virus is to avoid opening unsolicited e-mail attachments and by running current anti-virus software that has been updated for the new infection.
-- (New@News.Now), December 01, 1999.
http://dailynews.yahoo.com/h/ap/19991130/tc/computer_virus_1.htmlTuesday November 30 11:54 PM ET
Companies Hit by Computer Virus
By MOLLY WOOD Associated Press Writer
SAN FRANCISCO (AP) - A computer virus rampaged through corporate systems, devouring files, crippling e-mail systems and affecting thousands of computers Tuesday, according to anti-virus experts.
The Mini-Zip virus, related to one that caused a serious outbreak in June, was expected to renew its assault Wednesday morning as unsuspecting users checked their e-mail inboxes.
Sal Viveros, a marketing manager for Santa Clara-based Network Associates, which makes the McAfee anti-virus software, said some 20 large corporations had been affected by Tuesday evening.
Schrader said he fielded complaints of significant problems from four Fortune 500 companies and scores of smaller companies.
Mini-Zip is the worst outbreak since its parent bug, Worm.Explore.Zip, struck last summer. Worm.Explore.Zip was considered the most destructive virus since the infamous Melissa outbreak in the spring.
``The last time this virus came along it affected tens of thousands - maybe hundreds of thousands of computers and caused millions of dollars in damage,'' said Dan Schrader, vice president of new technology at Trend Micro in Cupertino. ``It's malicious and fast- spreading. We consider this to be high-risk.''
Anti-virus experts said the bug gets loose from an infected system as a seemingly friendly reply to a clean e-mail sent via the Microsoft Outlook, Outlook Express or Exchange browsers.
The virus intercepts the original message and automatically sends itself as a response - even changing the subject line from, for example, ``Work Meeting'' to ``Re: Work Meeting.''
The body of the message reads: ``Hi (recipient's name)! I received your e-mail and I shall send you an e-mail ASAP. Till then, take a look the attached zipped docs. bye.''
The e-mail contains an attachment called ``zipped-files.exe.'' If a user double-clicks on the attachment, the virus is set loose in the new victim's system.
It then destroys a series of files in a computer's hard drive by replacing them with empty files.
Anti-virus experts cautioned users against opening e-mails if they do not know the sender or why they were sent. They said the virus could be fought with updated antiviral software.
-- (New@News.Now), December 01, 1999.
NEW YORK (Roiters) -- a very malicious virus has hit the World-Wide Wait...one that has been publicized far and wide.Termed "The Idiot Catcher", it only affects those who have ignored warnings given again and again for weeks and weeks. "If you get an attachment from someone you don't know, don't open it."
Said analyst I.M. Dumm, "If they haven't a clue by now, they never will."
Some analysts compare this virus event to the coming Y2k event.
"If they'll panic over this, they'll fall for all the ridiculous doom-and-gloom Y2k scenarios as well," said Com N. Sense, CEO of GetReal, Inc.
-- Chicken Little (panic@forthebirds.net), December 01, 1999.
http://news.excite.com/news/zd/991130/18/minizip-a-nastyMiniZip a nasty, small clone of ExploreZip
Updated 6:45 PM ET November 30, 1999
By Jim Kerstetter, PC Week
They call it, MiniZip.
Virus researchers at Network Associates Inc. (NASDAQ:NETA), Symantec Corp. (NASDAQ:SYMC) and Trend Micro Inc. warned Tuesday evening that a new version of the ExploreZip virus, which wipes out information on a hard drive, has hit at least 12 companies so far, six of them high- tech manufacturing companies. Several thousand PCs are believed to have been hit.
The ExploreZip variant, also called ExploreZip.worm.pak, is 120 KB, about half the size of its predecessor. But other than its diminutive size, MiniZip acts exactly like ExploreZip, which both wipes out files on hard drives and can spread via e-mail.
Compression conundrum MiniZip is so small because the virus's author compressed the original ExploreZip code. Compressing it changes the bits, meaning that anti-virus software has trouble identifying the new virus. MiniZip first appeared last week, so most anti-virus makers have updated their software to detect its code. While anti- virus makers issued notice of the new updates, it appears that many companies have not updated their anti-virus software, allowing Tuesday's outbreak.
What to look for ExploreZip, the "father" of MiniZip, was first reported on June 11. The worm uses MAPI-capable e-mail programs to propagate, such as Microsoft Corp.'s Outlook, Outlook Express and Exchange.
It e-mails itself out as an attachment with the filename "zipped_files.exe." The body of the e-mail message looks like it came from a regular e-mail correspondent and says:
"I received your email and I shall send you a reply ASAP. Till then, take a look at the attached zipped docs."
Once it's launched, MiniZip launches the original Worm.ExploreZip routine. It looks for any drives mapped to the infected computer and spreads to them. It also looks for unread e-mail and automatically replies to them, in search of new victims.
"That's why it has spread so rapidly now, but didn't at first," said Vincent Weafer, director of the Symantec Antivirus Research Center. "This is exactly how ExploreZip spread."
MiniZip may display an error message informing the user that the file is not a valid archive, according to the anti-virus companies. The worm copies itself to the c:windowssystem directory with the file name "Explore.exe" and then modifies the WIN.INI file so that the virus launches each time Windows is started.
-- (New@News.Now), December 01, 1999.
Wednesday December 1 12:55 AM ETDestructive E-mail Virus Hits the Web
WASHINGTON (AP) - Anti-virus experts said the bug gets loose from an infected system as a seemingly friendly reply to a clean e-mail sent via the Microsoft Outlook, Outlook Express or Exchange browsers.
The virus intercepts the original message and automatically sends itself as a response - even changing the subject line from, for example, ``Work Meeting'' to ``Re: Work Meeting.''
The body of the message reads: ``Hi (recipient's name)! I received your e-mail and I shall send you an e-mail ASAP. Till then, take a look the attached zipped docs. bye.''
The virus experts said that the "Polyanna" type mentality within society are especially vulnerable to these types of viruses because they are so naive. Research indicates that the type of people who do not comprehend the implications of Y2K are also the type of people who would cluelessly open a strange e-mail without suspecting that anything could go wrong.
An investigation into the last series of costly virus attacks revealed that it was the clueless Polyanna type employees who were responsible for millions of dollars worth of damage to databases, simply because they were too stupid to realize that the mail was not from their friends.
-- Hawk (flyin@high.again), December 01, 1999.