Preying on public sentiment is the new line of virus attack
Sarah Left
It took just two weeks for the inevitable to occur: someone has written an e-mail virus that exploits the World Trade Centre tragedy, disguising itself as a call for peace.
Security experts say that distribution of the virus is limited at this point but they are concerned that the virus could spread quickly because it looks like hundreds of other petitions, stories and appeals that have circulated on the Internet since the September 11 terrorist attacks.
The e-mail contains the attachment WTC.exe and a subject line that reads: “Peace between America and Islam.”
The text of the message reads in part: “Let’s vote to live in peace.”
Like many other viruses, this one spreads by mailing copies of itself to addresses stored in Microsoft e-mail software. Unlike others, however, the new virus causes more than a slowdown in Internet traffic. It deletes some files and overwrites some Web pages stored on the hard drive.
According to computer security firms Trend Micro and Symantec, the virus overwrites Web files it finds with the following message: “America … Few days will show you what we can do!!! It’s our turn Zacker is so sorry for you.”
Virus writers have exploited events in the past. In late 1999 several viruses pretended to contain software fixes for the Y2K bug. Other virus writers have tried to trick users into opening infected attachments by disguising themselves as love letters or photos of celebrities.
The timeliness and tastelessness of the World Trade Centre virus aside, the most dangerous computer infection out there right now is Nimda, the worm and virus announced last week that exploits a flaw in Microsoft’s IIS Web server software.
Nimda can either appear as an e-mail or infect systems directly as a worm. Microsoft has produced a fix for the hole in IIS that Nimda exploits.