PracticePeople In PracticeKournikova virus spreads exponentially

Kournikova virus spreads exponentially

A potentially devastating virus that is spreading 'twice as fast as the Love Bug' was unleashed into the wild today.

Experts at antivirus firm Message Labs warned IT managers to prepare for a VBS.Generic virus contained in the rapidly spreading attachment, AnnaKournikova.jpg.vbs.

Known as VBS/SST-A, the worm arrives in an email with the subject line ‘Here you have, ;0)’ and includes the AnnaKournikova.jpg.vbs attachment. But instead of displaying a picture of the tennis star the bug uses the Visual Basic scripting language to infect Outlook and mails itself out to contacts in the infected user’s address book.

According to some anti-virus firms, the number of infections has been rising every hour. ‘We first saw the AnnaKournikova virus at 1.30pm today. In the first hour we stopped four instances. By the forth hour this was up to 1,376.

‘It’s spreading exponentially,’ said Alex Shipp, antivirus technologist at Message Labs. ‘This means it’s spreading twice as fast as the Love Bug.’

Shipp told vnunet.com that experts trying to assess the threat from the virus had been hampered by code encryption techniques used by its authors. ‘We finally cracked it this morning. There is a payload that points to a website www.dynabyte.nl. We don’t yet know if it is trying to download malicious code from this URL or launch a denial of service attack against the site.’

Graham Cluley, senior technology consultant at fellow anti virus software vendor Sophos, said the bug is the latest to exploit psychology to aid its spread among gullible users. ‘Pictures of Anna Kournikova are among the most popular on the internet. Our message to computer users is simple – think with your brain not with your groin.’

The virus does not damage the systems it has infected but is thought to be highly polymorphic, which means it changes its signatures to hide itself from antivirus software.

Paul Schmehl, supervisor of support services at the University of Texas in Dallas, who was one of the first wave of IT managers alerted to the threat, said: ‘It seems to work much like the I LOVE YOU virus from before, but I want to be sure that it does nothing else.’

A number of vendors have said their software will detect the virus. Sophos has issued an update at sophos.com, while Central Command has released a download available at this location.

McAfee said the latest version of its antivirus software and definitions will detect the virus, but neither Symantec nor Trend Micro had patches available as yet.

Links

New Melissa virus strikes in Europe

Christmas emails with a sting in their tail

Viruses won’t be stopped by tougher laws

Will Internet security software bring the criminals to book?

Related Articles

Is inefficiency stealing your time and money?

Accounting Firms Is inefficiency stealing your time and money?

6m Emma Smith, Managing Editor
CIMA elects new president

Institutes CIMA elects new president

6m Emma Smith, Managing Editor
Transparent currency trade: How to achieve costs visibility

Governance Transparent currency trade: How to achieve costs visibility

6m Emma Smith, Managing Editor
Introduction to KPMG UK’s new leadership team

Accounting Firms Introduction to KPMG UK’s new leadership team

6m Emma Smith, Managing Editor
EY appoints head of UK Infrastructure Asset Intelligence practice

Accounting Firms EY appoints head of UK Infrastructure Asset Intelligence practice

8m Emma Smith, Managing Editor
FRP Advisory expands operation with new office, partner appointments

Accounting Firms FRP Advisory expands operation with new office, partner appointments

10m Emma Smith, Managing Editor
Magma Group announces merger, partner promotions

Accounting Firms Magma Group announces merger, partner promotions

10m Emma Smith, Managing Editor
MHA MacIntyre Hudson advises on management buy-out

Accounting Firms MHA MacIntyre Hudson advises on management buy-out

10m Emma Smith, Managing Editor