Virus hoax curtails Christmas fun
Published: 15 Dec 1999 11:03 GMT
As if there are not enough computer viruses, a Christmas Grinch has been spreading rumours of a virus attached to three year-end computer games.
Three shareware computer games -- ElfBowling, Frogapult, and Y2KGame -- have become the target of a virus hoax, according to anti-virus firms. "Traditionally at Christmas you always get messages about hoaxes," said Vincent Weafer, director of Symantec's Anti-virus Research Centre. "It's almost part of a tradition now."
More than a week ago, people posting on the alt.com.virus newsgroup were concerned about the possibility that the Elfbowling game has a virus. Those worries were quickly dismissed online, but spread to the public Internet through email warnings. "The warning message seems to be spreading rapidly between companies," said Graham Cluley, senior technology consultant for London-based Sophos Anti-Virus, in a statement. "However, all versions we have seen to date have been completely harmless and uninfected."
The text of the hoax reads:
TO ALL
IF YOU HAVE RECEIVED ANY OF THESE GAMES = FROGAPULT.EXE ELFBOWL.EXE (FROG GAME) & (ELF BOWLING GAME)
PLEASE CAN YOU DELETE THEM COMPLETELY OUT OF YOUR SYSTEM AS THEY BOTH HAVE A DELAYED VIRUS ATTACHED TO THEM THAT WILL BE ACTIVATED ON CHRISTMAS DAY AND WILL WIPE OUT YOUR SYSTEM. LET EVERYONE KNOW OF THIS.
There is little mystery about why the three programs were targeted, said Symantec's Weafer. "All three programs send high scores and some tracking information over the Internet. People were seeing that it was connecting over the Internet, so there was some confusion about what it was doing," he said.
Weafer pointed out that such a program could easily be called a Trojan horse, even though it explains the activities in its Readme file.
While the current files being sent from friend-to-friend across the Internet are currently free from viruses, there is not guarantee that they will remain so, said Sophos' Cluley. "Although the versions of ElfBowl.exe seen by anti-virus companies to date have not been infected that does not mean the file could not become accidentally (or even deliberately) infected in future," he said in the alt.comp.virus newsgroup.
"It may be time to reconsider whether sending (or) accepting executable files willy-nilly amongst your friends and colleagues is really such a good idea."
What do you think? Tell the Mailroom. And read what others have said.
Take me to the Virus Workshop





