Advertisement
Promo

Security threats Toolkit

Netsky.D worm spreading at 'record speed'

Munir Kotadia ZDNet.co.uk

Published: 01 Mar 2004 15:00 GMT

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

A new variant of the Netsky worm was spreading very quickly on Monday. The news comes on a day where firms are already dealing with five new variants of the Bagle worm.

Previous Netsky worms scanned the hard drives of infected computers to collect email addresses, which were then used to spread the worm via a built-in SMTP email engine. The worm also copied itself to any shared folders it discovered. The latest variant is different because it does not copy itself into a "shared" folder and is slightly smaller in size.

However, the worm is spread as an executable attachment and will cause infected computers to play a series of beeps from their PC speakers between 6 a.m. and 8.59 a.m. on 2 March.

Graham Cluley, a senior technology consultant for Sophos, told ZDNet UK that Netsky.D is already filling up email gateways and is expected to get much worse before it gets better. "We are getting reports from companies that thousands of copies of the virus have started clogging up their email systems -- in a similar way to the Sobig virus last year," he said.

According to Cluley, these types of worms are as much of a spam problem as they are a virus problem: "The main problem this kind of virus causes is it turns your email connection into porridge because it clogs it up. Even if you are stopping the virus at your gateway, your gateway has to churn through all this extra email it is suddenly receiving," he said.

Cluley said the worm will spread even more as the US "wakes up" and  Americans start turning on their PCs. "America has just woken up and will be opening its inboxes, and hopefully won't be double-clicking on the attachment, but we anticipate the worm will increase in its prevalence over the coming hours," he said.

Finnish security company F-Secure has given Netsky.D its highest alert (Level 1) because the worm continues to spread at "almost record-breaking speeds".

  • Email
  • Trackback
  • Clip Link
  • Print friendlyPrint with EPSON

Did you find this article useful?
69 out of 126 people found this useful


In association with Network Liberation Movement

Talkback

Post a comment


Full Talkback thread

2 comments

  1. please update all the anti virus program in order... jack
  2. yah i had that virus and for some reason my fire w... Anonymous

Related Links

More In Security threats



Company/Topic Alerts

Create a new alert from the list below:





Related Jobs

Senior .Net Developer (C#, ASP.Net) Spread Betting

J2ME Mobile Software Developer, Financial Spread Betting, City

Agile WPF, Sports Spread Betting - London

Related BlackBerry Resources

Protecting the BlackBerry Device Platform Against Malware

BlackBerry Devices with Bluetooth - Security Overview

BlackBerry Enterprise Server IT Policy

BlackBerry Enterprise Solution - Security Technical Overview

BlackBerry Enterprise Solution and RSA SecurID

CIO's Guide to Mobile Security

See All White Papers

Video icon

Video

Sentry Posts Blog

Authentication risks all too human

Risks to successful online banking identification and authentication using smartcards involve a mixture of human and technological factors, according to the European Network and Information... More

1 comment

Opera censors Chinese content

Opera has updated the Chinese version of its mobile browser to stop users accessing restricted content. Opera Mini was updated on Friday from an international to a Chinese version,... More

2 comments

Symantec website breached

Security company Symantec has said that one of its websites was successfully breached. Romanian security researcher 'Unu' posted details of the breach in a blog post on Monday. Unu... More

Post a comment


Skip Sub Navigation Links to CNET Brand Links

Help

Become part of the ZDNet community.

ALL TOOLKITS

Blogs

Newsletters