ZDNet UK


Skip to Main Content

ZDNet.co.uk - Winner of Best Business Website 2007
  1. Home
  2. News
  3. Blogs
  4. Reviews
  5. Prices
  6. Resources
  7. Community
  8. My ZDNet

 

ZDNet UK RSS Feeds


IT Jobs

Online business Toolkit

MyParty worm is an unwelcome guest

Wendy McAuliffe ZDNet.co.uk

Published: 28 Jan 2002 13:51 GMT

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

The first email worm to use the .com extension has been spotted in the wild over the weekend. Antivirus experts are currently rating the MyParty virus as a medium risk.

Initial reports of the mass-mailing worm were received on Sunday evening, and the rate of infection steadily increased overnight and on Monday morning. The email arrives with the subject line, "new photos from my party," and purports to contain the URL to a Web page containing pictures of a friend's party. But what appears to be the URL www.myparty.yahoo.com is in fact an executable attachment capable of infecting a local machine with a copy of the virus. The real www.myparty.yahoo.com URL points to a non-existent page.

MyParty is the latest in a line of 'socially engineered' viruses that rely on the user to click on an attachment to spread the virus. "People have tended to go for the easy .exe attachment, as it still manages to lure people into double clicking," said David Emm, product marketing manager for McAfee AVERT. "But in the last six months, attachments have been replaced with URLs that link to an infected Web site."

The worm is UXP compressed, and when clicked on, copies itself to the C:\Recycled\regctrl.exe and executes that file. It then uses the victim's default SMTP mail server to send itself out to all addresses found in the Windows Address Book and addresses found within .DBX files. DBX files are where Windows archives emails from Outlook.

According to Emm, both corporate and home PC users will be equally affected by the "myparty" worm.

"People can't resist something like this. The emails are close enough to everyday life and legitimate emails to put people off-guard. Nine out of 10 emails like this will be bona fide."

For all security-related news, including updates on the latest viruses, hacking exploits and patches, check out ZDNet UK's Viruses and Hacking News Section.

Have your say instantly, and see what others have said. Go to the Security forum.

Let the editors know what you think in the Mailroom.

  • Email
  • Trackback
  • Clip Link
  • Print friendly Print with Kyocera

Did you find this article useful?
44 out of 102 people found this useful


Talkback

Post a comment


Full Talkback thread

0 comments

Related Links

More In Online business



Company/Topic Alerts

Create a new alert from the list below:









Sentry Posts Blog

GoDaddy suspends travel-getaways.com d...

I'm very pleased to say that GoDaddy has suspended the travel-getaways.com domain. I blogged in June that to my surprise I had found I was the site administrator for travel-getaways.com,... More

1 comment

Hello, I知 a PC. I知 a Handheld.

Hello, I知 a PC. I知 a Handheld. Author: Eric Everson, Founder MyMobiSafe.com I have said it before and I am sure I値l say it again, mobile devices are simply replacing computers.... More

Post a comment

Please educate your clients!

This extremely short post appeared following a meeting with a decision maker of a potential client. During the conversation I realized that this highly respected and well paid top manager... More

2 comments

Featured Talkback

I wonder, who needs .asia domain? I cannot imagine, what would be useful for Microsoft.asia? Toyota.asia? Then let's register .europe (if .eu is too short). Or perhaps Microsoft.southamerica, Dell.australiaandnewzealand, Coca-Cola.africa... Sound funny? Then why not just use the global and country domains? Or perhaps it is time to drop the domains at all?

By: LadyRoot

Read full story:
Businesses advised to register .asia domains