Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
From: InfoSec News (isn_at_c4i.org)
Date: Mon Dec 02 2002 - 01:41:33 CST
Forwarded from: Elyn Wollensky <elynconsect.com>
Friday, 29 November, 2002
Security experts are warning computer users to be on the look-out for
an insulting worm that can seriously harm a PC.
Known as Winevar, the worm is spreading via e-mail as an attachment
that infects computers running Windows.
Winevar has a particularly rude insult, displaying the message: "Make
a fool of oneself: What a foolish thing you've done!"
If users press the ok button, they could lose all the files on their
After infecting a system, the worm disabled security software and
anti-virus programs, launching the W32FunLove.4099 virus.
The worm arrives with the subject line of "Re: AVAR (Association of
Anti-Virus Asia Researchers).
Anti-virus firm Sophos suspects the author has links to the recent
AVAR conference held in Korea.
"Ironically the Winevar worm author seems to have got his inspiration
from a conference intended to reduce the impact of computer viruses,"
said Graham Cluley, Senior Technology Consultant for Sophos.
As part of its payload, Winevar attempts to launch a denial-of-service
attack on the website of US security firm Symantec.
Another side effect of the virus is its ability to change a computer's
settings to create an imaginary file extension ".ceo".
Any future viruses sent with this file extension will be automatically
run on the computer.
"It is quite amusing that in the post-Enron world we find that CEOs
can be dangerous to your PC," said Mr Cluley.
Anti-virus firms have posted information about the worm and users are
advised to check out their websites to find out how to protect
themselves and clean up their PCs.
ISN is currently hosted by Attrition.org
To unsubscribe email majordomoattrition.org with 'unsubscribe isn'
in the BODY of the mail.