Virus hoax dupes users into destroying files
Published: 17 May 2002 08:19 BST
An e-mail hoax posing as a virus advisory is surfing across the Internet on a wave of PC user naivete.
The fake advisory warns users of the file "jdbgmgr.exe," purportedly a virus that damages a victim's computer system two weeks after first infecting the PC. The hoax has been forwarded by users who believe they have been infected and need to tell other victims to clean out the virus.
In reality, the component is the Java Debugger Manager and is part of the Java software installed on all Windows systems. If deleted, its absence could cause some Java applets and JavaScript to stop working, said Sharon Ruckman, senior director of security response for antivirus company Symantec.
To confuse matters, a virus known as W32.Efortune actually does infect the Java Debugger Manager file. However, that virus has failed to spread widely.
"We are seeing quite a bit of users (who are infected) on our online forums," said Ruckman. "It's picking up steam."
The month-old hoax has been passed from one would-be Samaritan to another, and it can be identified by its text.
"I just got this message from a contact," the e-mail message will generally start. "Sure enough, my address book was infected, which means yours will be also. I have the fix below. I have both McAfee and Norton Antivirus and neither caught it."
"The virus (called jdbgmgr.exe) is not detected by Trend Penicillin, Norton or McAfee antivirus systems," it continues. "The virus sits quietly for 14 days before damaging the system."
The hoax is nothing new, Ruckman said.
"This is not the first time someone has gone after a system file," she said. A year ago, another hoax targeted the system file "sulfnbk.exe," a Windows component that restores long file names.
The hoax has been translated into four other languages besides English: Spanish, French, Portuguese and Italian.
"If you ever get an e-mail and it tells you to send it out to as many people as possible, that should give you pause," Ruckman said.
For all security-related news, including updates on the latest viruses, hacking exploits and patches, check out ZDNet UK's Viruses and Hacking News Section.
Have your say instantly, and see what others have said. Go to the Security forum.
Let the editors know what you think in the Mailroom.
Did you find this article useful?
59 out of 95 people found this useful
- Share this article:
