AOL warns of password-stealing e-mail virus
February 1, 2001
The virus, dubbed "APStrojan.qa," attempts to steal a member's names and passwords and then send them via e-mail to the virus' author. If a user is logged onto AOL 4.0 or 5.0, the virus also tries to e-mail itself to active people on the member's "buddy list."
Thursday's warning comes after McAfee.com, which makes security software, noted a 100 percent increase in the virus over the past three weeks. The virus has been around for about one year.
AOL (NYSE: AOL) has not seen an increase of infected members internally, but is nonetheless heeding McAfee.com's warning, according to spokesman Andrew Weinstein.
"We're continuing to closely monitor the situation, and we encourage people to be extremely careful in opening e-mail attachments even if they're from familiar sources," Weinstein said. "Our top priority is protecting our members, and we do that by educating them."
The infected e-mail comes with a subject line reading "hey you" and an attachment titled "mine.zip." The text within the e-mail reads, "'hey i finally got my pics scanned...theres like 5 or 6 of them...so just download it and unzip it. and for you people who don't know how to then scroll down...tell me what you think of my pics ok?"
Considered a Trojan horse, this virus is less insidious than some, in that Net users must open the attachment in order to become infected.
"If you just open the e-mail and delete it, there will be no effect on your system," said Weinstein.
AOL users can protect themselves by deleting this e-mail if it is received. Members who believe they have the virus on their system can check their accounts by visiting McAfee.com or a virus site on AOL's internal system.
Cecily Barnes, emailtoday.com