Snow White: Who's been sleeping in my Inbox?
Published: 06 Jun 2001 10:37 BST
Snow White may be something of a fairytale to most, however, in cyberspace it's a virus which has enormous staying power. This time, she's had a makeover.
The Troj_Hybris.b email virus -- otherwise known as Snow White -- is a variant of the original virus detected in November last year. According to Trend Micro there have been several variations of the virus since, all of which behave in the same manner.
"It's a constant threat. It has a lot of staying power," a Trend Micro spokesperson said.
Currently, the virus is rated number two on Trend Micros "Top Ten" virus list. The worm is not destructive, although it propagates itself via email to everyone in the user's inbox. According to Trend Micro, the real concern is that the trojan worm disguises itself so the origin of the email is hard to track. The source continues to spread the virus unbeknownst to the infected sender.
The spokesperson describes the virus as a "sleeper" virus, in that "it can remain undetected if you don't have the appropriate virus protection and can perform its 'spamming' action without the infected sender knowing it's there."
The worm infects a file on the computer which once re-booted, executes the virus and sends itself again.
The email includes a randomly selected name as an attachment, which can't be blocked by networks that detect a virus by its filename.
The message always reads: Today, "Snowhite was turning 18. The 7 Dwarfs always where very educated and polite with Snowhite. When they go out work at morning, they promissed a *huge* surprise. Snowhite was anxious. Suddlently, the door open, and the Seven Dwarfs enter..."
Is your PC safe? Find out in ZDNet UK's Viruses and Hacking News Section.
Have your say instantly, and see what others have said. Click on the TalkBack button and go to the Security forum.
Let the editors know what you think in the Mailroom. And read other letters.
Did you find this article useful?
24 out of 54 people found this useful
- Share this article:
