Information Security News mailing list archives
Christmas virus strikes 10 top-tier companies
From: William Knowles <wk () C4I ORG>
Date: Fri, 10 Nov 2000 15:30:56 -0600
http://www.techserver.com/noframes/story/0,2294,500278452-500436438-502784269-0,00.html WASHINGTON (November 10, 2000 3:37 p.m. EST http://www.nandotimes.com) - Computers in at least 10 Fortune 500 companies have been infected recently by a Christmas-themed virus that security experts call "Navidad." The virus, which affects computers using Microsoft's Windows operating system, arrives as a reply when a user sends an e-mail to an infected computer. The attachment, called "NAVIDAD.EXE," is mainly in Spanish, and antivirus experts believe the virus came from South America. "We've seen at least 100 samples over the last 4 days, including at least 10 Fortune 500 companies," said Vincent Gullotto, top antivirus researcher at security company McAfee.com, adding that many of the virus-ridden e-mails have come from Brazil and Cuba. When a person opens the Navidad attachment - something security experts always warn against unless the user knows what the attachment is - a message in Spanish reads: "Never press this button." If the button is pressed, a message says: "Feliz Navidad. Unfortunately you have given in to temptation and will lose your computer." But the computer isn't damaged, which Gullotto says may be because the virus is designed for the Spanish version of Windows. But the virus does place on the computer's desktop an icon that looks like an eye, which stops most programs from being run. "It's not destructive, but it may cause your Windows system to lock up," Gullotto said. The program can be stopped manually, and several antivirus companies have developed software that both removes and protects against the virus. Several viruses in the past have taken holiday themes. One that appeared last year only damaged an infected computer on Christmas Day. But while the virus doesn't damage computers, security companies are still warning their customers because Navidad is spreading fast among large corporations. One security expert familiar with the virus, who spoke on the condition of anonymity, said both the petroleum company ExxonMobil and computer chipmaker Intel have been hit by Navidad. As with any virus, experts suggest that consumers install an antivirus program and keep it updated at least once a month. They also recommend using an antivirus scanner to check an e-mail attachment before clicking on it. *==============================================================* "Communications without intelligence is noise; Intelligence without communications is irrelevant." Gen Alfred. M. Gray, USMC ================================================================ C4I.org - Computer Security, & Intelligence - http://www.c4i.org *==============================================================* ISN is hosted by SecurityFocus.com --- To unsubscribe email LISTSERV () SecurityFocus com with a message body of "SIGNOFF ISN".
Current thread:
- Christmas virus strikes 10 top-tier companies William Knowles (Nov 11)