* via http://theMezz.com/lists * subscribe at http://techPolice.com
Worm targets security software By David Becker Staff Writer, CNET News.com January 2, 2002, 11:55 a.m. PT A destructive new worm that destroys antivirus software on infected computers was slowly spreading Wednesday. The Maldal.D worm, also known as ZaCker, was written and distributed Dec. 29, according to antivirus software maker Symantec, prompting fears the worm could sneak past security software that wasn't updated over the holiday break. "We always worry when something comes out at the end of the week or over a holiday, when nobody's in their office," said Steve Trilling, director of research at Symantec's Security Response division, which rated Maldal.D as a moderate threat. Maldal.D appeared to be spreading slowly and mainly outside the corporate networks that can turn an infection into an epidemic. "We have seen a bit of an upsurge in submissions today, but most of them are from consumers," Trilling said. "That leads us to believe that a lot of corporations updated their software right away." E-mail screening service MessageLabs reported intercepting about 150 copies of Maldal.D by 11 a.m. Wednesday, placing the worm at the bottom of the company's list of the Top 10 most active viruses. Maldal.D spreads itself as a file attached to an e-mail with the subject "ZaCker." The body of the message consists of one of several dozen cryptic sentences, such as "nowadays, there is no womanhood!! :P" If the file is opened, the activated worm attempts to delete files associated with popular antivirus applications, including programs from Symantec, McAfee and Zone Labs. The worm also deletes files with common extensions such as .exe, .doc and .jpg, which could destroy enough critical files to render an infected PC unstable or unusable. The worm spreads itself by e-mailing copies of itself to all addresses in the infected PC's Microsoft Outlook address book. Attacking security software is an old trick, Trilling said, noting that the recent Goner worm employed similar tactics. Such efforts are unlikely to work, however, if the security software is running as it's supposed to. "If the software is running all the time in the background, it can't easily be deleted," Trilling said. Business and home PC users were advised to download the latest updates for antivirus software to catch Maldal.D and to reinstall security software to PCs already infected ============================================================ Enter to Win Free Maid Service and More from Pfizer! Win Free Maid Service for 6 Months, a "Day of Beauty" or a Palm Handheld! Enter Now! http://click.topica.com/caaafcTb1dhr0b2EDp2f/Pfizer ============================================================ --via http://techPolice.com archive: http://theMezz.com/cybercrime/archive subscribe: [EMAIL PROTECTED] --via http://theMezz.com ==^================================================================ This email was sent to: archive@jab.org EASY UNSUBSCRIBE click here: http://topica.com/u/?b1dhr0.b2EDp2 Or send an email to: [EMAIL PROTECTED] T O P I C A -- Register now to manage your mail! http://www.topica.com/partner/tag02/register ==^================================================================
