[Collins] OT: Klez
Phil Galasso
[email protected]
Wed, 31 Jul 2002 20:19:27 -0400
Lately, I have been getting a lot of e-mails containing the W32.KlezH@mm
worm. This worm mails itself out, using names and e-mail addresses from the
address book of the e-mail program on the infected computer. These addresses
are used in both the To: and From: lines of the messages containing the worm
as an attachment.
If you don't have a good anti-virus program on your computers, please get
one. If you have one, please keep it up to date and scan your machines for
this worm. It drops a very destructive payload into the infected computers.
The payload remains dormant until certain dates, then overwrites and
corrupts files. The machine-generated message accompanying the viral
attachment may contain confidential information (such as passwords and
credit card numbers) that the worm extracts from files on the computer. Many
of the infected messages that I am receiving have the callsigns of members
of this list in the From: line. I received three of them today, all
intercepted by my anti-virus program.
Further information may be obtained from www.symantec.com
73,
Phil Galasso
K2PG