New virus poses as security patch

An Internet virus, masquerading as a security update from Microsoft, has been rapidly spreading through e-mail and music-swapping software, slowing or disabling many computers world-wide.

    Microsoft has been specifically targeted over the past month by virus writers

    Experts said the virus, named Gibe-F and Swen, which was first detected on Thursday, arrives as an e-mail attachment posing as a security patch. It then exploits a weakness in Internet Explorer, AFP reported.

    When the e-mail attachment is opened, a message appears saying “This will install Microsoft Security Update. Do you wish to continue?”

    By then it is too late. Even if the user clicks “No” the worm installs itself on the users hard drive.

    Gibe worm

    “Once an attachment carrying the virus is opened, the Gibe worm starts spreading and producing authentic-looking 'install and update' windows,” said the security firm MessageLabs.

    “While doing so, it searches hard drives for e-mail addresses and begins mass mailing out additional copies of itself and attempts to render inactive existing security and anti-virus products, opening users up to future vulnerabilities,” it added.
      
    Many computer users will likely be duped as the new virus follows a rash of others aimed at exploiting vulnerabilities in Microsoft programmes. Past viruses have been neutralised by users downloading a “patch” from Microsoft’s home page.

    "It searches hard drives for e-mail addresses and begins mass mailing out additional copies of itself"

    MessageLabs

    The Finnish security firm F-Secure also noted that the virus can be spread through the KaZaA music-swapping software by copying itself to KaZaA shared folders.

    Blaster

    Last month’s W32.Blaster.Worm carried a hidden message, taunting Microsoft founder Bill Gates.

    “I just want to say LOVE YOU SAN!!” read the message. “billy gates [sic] why do you make this possible? Stop making money and fix your software!!”

    A teenager from the US city of Minneapolis was apprehended by the FBI at the end of August in connection with the cyber attack, which disabled millions of computers world-wide.

    SOURCE: Aljazeera + Agencies


    YOU MIGHT ALSO LIKE

    Survivor stories from Super Typhoon Haiyan

    Survivor stories from Super Typhoon Haiyan

    The Philippines’ Typhoon Haiyan was the strongest storm ever to make landfall. Five years on, we revisit this story.

    How Moscow lost Riyadh in 1938

    How Moscow lost Riyadh in 1938

    Russian-Saudi relations could be very different today, if Stalin hadn't killed the Soviet ambassador to Saudi Arabia.

    We Are Still Here: A Story from Native Alaska

    We Are Still Here: A Story from Native Alaska

    From Qatar to Alaska, a personal journey exploring what it means to belong when your culture is endangered.