[an error occurred while processing this directive]
BBC News
watch One-Minute World News
Last Updated: Thursday, 26 February, 2004, 16:30 GMT
More virus misery for mail users
Calendar on computer screen
This is proving a bad month for viruses
February is proving to be a bumper month for Windows computer viruses.

Just as people were clearing up after the MyDoom virus, mutant versions of that malicious program appeared that prolonged the trouble it caused.

Security firms are now warning about a fresh batch of viruses all of which are bent on causing havoc for PC users.

Top of the current list of threats is Netsky.C, followed by the destructive MyDoom.F worm and the Bizex worm that travels via the ICQ instant messenger.

Malicious crop

Thanks to the MyDoom.A virus February 2004 looks like being one of the worst months ever for the numbers of malicious programs circulating on e-mail.

MyDoom.A has become the most active virus ever according to MessageLabs which has caught more than 54m copies of it since it first appeared on 25 January.

SAMPLE NETSKY.C SUBJECT LINES
Re: important
I'm back!
stolen
excuse me
Re: does it?
read it immediatelly
trust me
illegal...
MyDoom.A shut down on 12 February thanks to a built-in timer but MessageLabs has still been catching other viruses in large numbers this month.

As well as MyDoom.A, virus firms have issued warnings this month about variants of this virus called Doomjuice and Deadhat.

There have also been alerts about the Bagle.B virus and now users are being asked to look out for Netsky.C, MyDoom.F and Bizex.

Netsky.C is the fastest spreading of this trio and it moves around via e-mail as well as network drives.

Virus variants

Like many other Windows e-mail viruses, the program tries to trick people into opening it and then, when set off, plunders the contacts file in Outlook and mails itself to every address it finds.

It also tries to spread via file-sharing networks such as KaZaa, Bearshare and Limewire if they are installed on a machine it manages to infect.

It tries to make itself hard to spot by choosing its subject line from a long list included in the virus.

SAMPLE NETSKY.C MESSAGES
I 've found your bill!
You are infected. Read the details!
is the pic a fake?
Antispam is turned off. See file!
do not open the attachment!
is that your beast?
you look like an ape!
something is not ok
Sample subject lines include "Delivery Failed", "fake?", "Re: information", "Re: Re: Re: Re:" and many others.

The message body is equally varied. Samples include "", "here is the document.", "*lol*", "are you a teacherin the picture?" and lots more.

The attachment containing the virus poses as pornography, cracks for Microsoft programs and the Sims and even virus source code.

Commonly the attachment is disguised as a .zip file.

Between the hours of 6 and 9am local time on 26 February machines will betray the fact that they are infected by beeping regularly.

The worm can be caught by machines running Windows 95, 98, ME, NT, 2000 and XP.

The B variant of Netsky has been catching out a lot of people too.

Other viruses that people need to be on the lookout for include MyDoom.F and Bizex.

The F variant of MyDoom is a nasty version of the original that deletes files rather than just uses machines to help itself spread.

Like other MyDoom variants this version travels via e-mail and tries to trick people into opening it.

Users of the popular ICQ instant message program are being told to look out for the Bizex worm.

This malicious program spreads through the messaging system and plunders ICQ address books for new places to travel to.


SEE ALSO:
Mydoom mutants mount new attacks
10 Feb 04  |  Technology
Bounty on creators of e-mail worm
28 Jan 04  |  Technology
Viruses make criminal move
31 Dec 03  |  Technology
Viruses turn to peer-to-peer nets
20 Jan 04  |  Technology
'Gamer's virus' aims to hit users
18 Feb 04  |  Technology
Why people write computer viruses
23 Aug 03  |  Technology


RELATED INTERNET LINKS:
The BBC is not responsible for the content of external internet sites


PRODUCTS AND SERVICES

News Front Page | Africa | Americas | Asia-Pacific | Europe | Middle East | South Asia
UK | Business | Entertainment | Science/Nature | Technology | Health
Have Your Say | In Pictures | Week at a Glance | Country Profiles | In Depth | Programmes
Americas Africa Europe Middle East South Asia Asia Pacific