Worm/MiMail.A uses a Microsoft Internet Explorer (IE) exploit that allows a created executable virus to run on the local computer.
The internet worm spreads through email by using addresses it collects from local files on compromised clients. The worm attacks PCs running Windows 95, Windows 98, Windows NT, Windows Me, Windows 2000 and Windows XP.
The payload is Java script code contained in a Zip folder called Message.zip.
Once activated the worm harvests all email addresses on the computer and mails itself out. It also writes a file called VIDEODRV.EXE onto the auto-run register so that it reloads every time the PC reboots.
‘Mimail’ also creates several other files in the Windows directory: EXE.TMP – an HTML worm, ZIP.TMP an archive worm and EML.TMP – an email worm.
A patch is available from Microsoft at http://support.microsoft.com/default.aspx?scid=kb;en-us;330994
Steven Sundermeier, vice president of products and services at security firm Central Command, said in a statement: ‘Worm/MiMail.A is spreading globally at an alarming rate.
‘Our preliminary virus tracking report shows that US based computer users are being the hardest hit thus far, at this time 61% of the confirmed infection reports have originated in the US.’
An alert from antivirus company Panda Software added: ‘It’s a malicious code with fast email spreading capability. In order to spread itself the worm uses two IE vulnerabilities that Microsoft released patches for some time ago.’
The worm arrives through e-mail in the following format:
Subject: your account
I would like to inform you about important information regarding your email address. This email address will be expiring. Please read attachment for details.
Best regards, Administrator
Anti-virus firm Kaspersky thinks the virus originated in Russia since it closely resembles malware found last year called StartPage which came from Russina hackers.
The drive towards a fully digital tax regime is an admirable one, but mandation is simply wrong, according to one of the UK's most senior tax technology practitioners - Paul Aplin
Barclays has partnered with accounting software company Xero to provide businesses with access to transaction data through its direct feed.
Government's estimate of a £400m admin saving from Making Tax Digital is way off - and is instead a huge cost burden, warns Lamont Pridmore chief executive Graham Lamont
Xero unveiled its expanded global partner programme at Xerocon South, the accounting technology conference in Australasia