ZDNet UK


Skip to Main Content

ZDNet.co.uk - Winner of Best Business Website 2007
  1. Home
  2. News
  3. Blogs
  4. Reviews
  5. Prices
  6. Resources
  7. Community
  8. My ZDNet

 

ZDNet UK RSS Feeds


Industry watch Toolkit

Fake virus warning carries worm

Matthew Broersma ZDNet.co.uk

Published: 15 May 2001 11:03 BST

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

Computer worms have tried all sorts of ploys for tricking users into activating them, but the latest is particularly sneaky -- it masquerades as a virus warning from Symantec, a well-known anti-virus firm.

Symantec has confirmed the existence of the worm, known as VBS.Hard.A@mm, VBS/Hard-A, or VBS/Hard@mm, and created software to detect it. So far, the virus has a low geographical distribution and has infected a small number of sites, according to a Symantec report published earlier this week.

The worm distributes itself -- like several in the past, including Love Letter Homepage -- as an attachment to an email message. The message is called "FW: Symantec Anti-Virus Warning," and claims to contain a description of a non-existent worm in an attached file.

When the attached file, www.symantec.com.vbs, is activated it changes the Microsoft Internet Explorer home page to a fake Web page, warning against a non-existent worm called VBS.AmericanHistoryX_II@mm. It also causes Outlook to send copies of the fake virus warning to all users in the address book.

On every 24 November, the computer will display the enigmatic message, "Don't look surprised! It is only a warning about your stupidity. Take care!"

The worm is relatively non-destructive, and to undo its effects, Symantec recommends deleting several files, making changes to the Windows registry and resetting the Explorer home page.

Microsoft has come under repeated criticism for allowing worms, such as VBS.Hard.A@mm and Love Letter, to proliferate by leaving the Visual Basic scripting tool active in the operating system, even though it is rarely used. Even when they cause relatively little damage, such worms can bring down entire corporate networks by sending out thousands of illicit emails.

Is your PC safe? Find out at the Hackers News Special.

How can you protect your PC from viruses? Find out at the Virus Workshop

Have your say instantly, and see what others have said. Click on the TalkBack button and go to the Security forum.

Let the editors know what you think in the Mailroom. And read other letters.

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

Did you find this article useful?
32 out of 73 people found this useful


Talkback

Post a comment


Full Talkback thread

0 comments

Related Links

More In Industry watch


Company/Topic Alerts

Create a new alert from the list below:













Discussions

Tom Espiner Tom Espiner

Nasa and the virus

Friday 29 August 2008, 3:26 PM

2 comments
Christian Harris Christian Harris

Physiotherapy Gets Virtual

Friday 29 August 2008, 3:05 PM

3 comments
dogStar dogStar

Can it render standards compliant code...

Friday 29 August 2008, 3:00 PM

2 comments
1000056783 1000056783

IE 8

Friday 29 August 2008, 2:49 PM

2 comments

View All

Featured Talkback

When all is said, if Microsoft produce the best product people will buy it and thats a good thing. If people have to buy their product because no one else can produce an alternative, only because interoperability protocols are kept secret, then thats a bad thing.

By: pround

Read full story:
EU court crushes Microsoft's antitrust appeal