find us on facebook!

'Goner' virus targets security, e-mail files

December 5, 2001

THE ASSOCIATED PRESS WASHINGTON — Anti-virus companies scrambled to protect their customers against a destructive e-mail attack yesterday that purported to be a computer screen saver.

Security company McAfee reported that thousands of its clients sent in copies of the worm, called "Goner." An Internet worm can spread to other computers on its own.

"It's very harmless looking," McAfee virus research manager April Goostree said. The e-mail has a subject line of "Hi," and asks the user to check an attached screen saver program.

If the recipient runs the screen saver, the computer becomes infected. Like many e-mail attacks, it sends itself to everyone in the victim's address book. It can also send itself through the instant messaging program ICQ.

Goner also affects Microsoft's Outlook and Outlook Express e-mail programs on computers running Windows. Computer experts advise that people not open unexpected e-mail attachments, even if the sender is someone familiar. Computer users should update their antivirus software at least weekly.

Goner also attempts to delete critical files for any security or anti-virus program the victim might have installed.

"This is an anti-anti-virus virus," said David Perry of anti-virus company Trend Micro.

McAfee has placed Goner on "outbreak" status. The last virus with that status was the "Love Letter" attack, which caused billions of dollars in damages worldwide.

Anti-virus companies received the first samples of Goner from Europe, particularly France and Germany. Ian Hameroff, a business manager at Computer Associates, said about 30 of its clients worldwide reported getting the worm.

By yesterday, several major anti-virus companies, including McAfee and Symantec, had released updates for their software.

Several virus experts wondered why Goner, which doesn't spread in any new or novel way, tricked users. The e-mail message even has a misspelled word, one of the tip-offs to malicious software.

"Humans are still the weakest link in the chain," SecurityFocus chief technology officer Elias Levy said.


Copyright © 2001 Cape Cod Times.


(c) EMMA Labs, 2024 | No Spam Policy