Advertisement
Promo

Security threats Toolkit

Mimail supplants Klez as virus spreads

Staff, ZDNet Australia ZDNet Australia

Published: 08 Aug 2003 08:55 BST

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

The Mimail worm has snatched prime position away from Klez by becoming the fastest spreading Internet menace, according to mail filtering company MessageLabs.

The veteran Klez, which was discovered all the way back in April last year, has slipped to second position in only a week following Mimail's stunning debut as the Internet's new "bad boy" on the block.

The company has detected 143,709 copies of Mimail since 1 August, but the "all time high" prize will probably remain unchallenged for a while longer -- MessageLabs has seized 7,192,232 copies of Klez over the last 18 months or so.

Despite being far less complex than the Klez worm, which used network shares and emails to spread, the Mimail worm uses a social engineering technique to trick a user into opening an attachment.

The message is disguised as an announcement from the target's ISP administrator -- it invariably "spoofs" the address "admin@targetdomain.xxx". The attachment itself is a HTML file that exploits a vulnerability in Internet Explorer -- it executes itself and begins to spread.

Far from ripping through corporate systems, both worms have been felt most by home users, says security consultant Daniel Lewkovitz.

"Most domestic users either don't realise that there's more to email security than having up to date anti-virus," he told ZDNet Australia . "Things like Klez have all but disappeared in the corporate world but are still rampant out there."

He says getting the message across to the mums, dads and grandparents is tough -- they simply don't understand that they need to patch their systems.

According to its product security manager George Stathakopoulos, Microsoft is currently conducting an education campaign to better inform users of the risks of running software that isn't up to date, but is being careful not to force the message on people.

Anti-virus researcher Hamish O'Dea of Computer Associates says Mimail's infection rate will probably slip as time moves on.

  • Email
  • Trackback
  • Clip Link
  • Print friendlyPrint with EPSON

Did you find this article useful?
73 out of 142 people found this useful


In association with HP

Talkback

Post a comment


Full Talkback thread

0 comments

Related Links

More In Security threats



Company/Topic Alerts

Create a new alert from the list below:



Related BlackBerry Resources

Protecting the BlackBerry Device Platform Against Malware

BlackBerry Devices with Bluetooth - Security Overview

BlackBerry Enterprise Server IT Policy

BlackBerry Enterprise Solution - Security Technical Overview

BlackBerry Enterprise Solution and RSA SecurID

CIO's Guide to Mobile Security

See All White Papers

Video icon

Video

Sentry Posts Blog

McKinnon lawyers seek judicial review

Lawyers seeking a judicial review for Nasa hacker Gary McKinnon lodged fresh evidence of his psychiatric state at the High Court on Thursday. Karen Todner, McKinnon's solicitor,... More

1 comment

Beware of keeping your head in the clo...

Information security professionals can look forward to a deepening appreciation for their skills as security continues to be recognised as an essential element for doing business in... More

1 comment

Civil liberties groups attack file-sha...

Civil liberties and digital rights organisations have strongly criticised Lord Mandelson's Digital Economy Bill. Liberty said in a position paper on Tuesday that the bill, part of... More

Post a comment


Skip Sub Navigation Links to CNET Brand Links

Help

Become part of the ZDNet community.

ALL TOOLKITS

Blogs

Newsletters