BBC NEWS Americas Africa Europe Middle East South Asia Asia Pacific Arabic Spanish Russian Chinese Welsh

 You are in: Sci/Tech
Front Page 
UK Politics 
Talking Point 
In Depth 

Commonwealth Games 2002

BBC Sport

BBC Weather

Thursday, 20 December, 2001, 10:13 GMT
Festive e-greeting hides virus
Christmas cards, BBC
Many will receive e-greetings instead of traditional cards
A computer virus masquerading as a festive greeting is threatening to bring misery to computer users.

The worm, called Reeezak has popped up in the United States and Europe and, if activated, could destroy data on personal computers.

The virus has been classed as a medium risk and so far it has not spread widely over the internet.

Anti-virus firm MessageLabs said it had detected just over 1,200 attacks by Reeezak, most of them in the UK.

Hidden danger

It is disguised in the form on an e-mail message with the subject line "Happy New Year," bearing an an attachment called "Christmas.exe" designed to fool the recipient into thinking it is a e-greeting.

Be on the lookout for suspicious messages, they may be bearing gifts that you don't want

Ian Hameroff, Computer Associates
Like many other Windows viruses when opened, the attachment plunders any Outlook address book it finds and mails itself to all the contacts it finds there.

The virus also changes the default home page of any copy of Internet Explorer it finds to point to an accompanying website.

Anyone visiting that site will encounter a program that exploits a weakness of Internet Explorer in an attempt to delete the files found in the Windows System directory.

If it suceeds it can render a computer inoperable.

Anti-virus experts say most computer users can expect to receive a flood of e-mails during the festive season.

"Holiday-themed threats, such as Reeezak, remind us that computer users should never let their guard down when using the internet," said Ian Hameroff of anti-virus software firm Computer Associates.

"Be on the lookout for suspicious messages, they may be bearing gifts that you don't want," he said.

Computer Associates has rated the worm, which is also known as W32/Zacker.C@mm and W32.Maldal.C@mm, as a medium to high risk.

See also:

02 Aug 01 | Sci/Tech
Code Red threat tailing off
27 Nov 01 | Sci/Tech
BadTrans computer virus strikes
24 Jul 01 | Sci/Tech
Sircam virus steals files
16 Oct 01 | Sci/Tech
Web attacks on the rise
20 Sep 01 | Sci/Tech
Nimda virus 'on the wane'
28 Nov 01 | Sci/Tech
Devious viruses set to grow
18 Dec 01 | Sci/Tech
Warning of malicious e-cards
Internet links:

The BBC is not responsible for the content of external internet sites

Links to more Sci/Tech stories are at the foot of the page.

E-mail this story to a friend

Links to more Sci/Tech stories