WP gets his 15 minutes of fame: "A new computer "worm"
called ExploreZip is not yet
spreading as quickly as the Melissa virus did, but has the potential to be
much more costly, said Wes Wasson, director of product marketing in
Network Associates Inc.'s Security Division.
That's because while the Melissa virus simply clogged victims' e-mail
boxes with messages containing lists of pornographic Web sites,
ExploreZip actually begins to delete files on the hard drives of infected
computers, Mr. Wasson said.
Mr. Wasson said that ExploreZip is technically not a virus, which
replicates itself, but rather a computer worm, which spreads itself by other
means.
In the case of ExploreZip, the worm spreads through Microsoft Corp.
e-mail programs like Explorer and Outlook. Mr. Wasson said Network
Associates has not yet determined if the worm is also spreading through
other e-mail programs.
ExploreZip is activated when a user opens an executable program with the
file name "zipped_files.exe" attached to an incoming e-mail message
containing the worm. Once activated, the worm not only begins to delete
files on the infected computer's hard drive, but also replicates itself by
responding to all incoming e-mail messages -- sending itself out as an
attachment.
Network security experts believe ExploreZip, which was first detected
Wednesday, originated in Israel.
Mr. Wasson estimates the number of ExploreZip infections is already "at
least in the thousands" and could increase over the coming days. He
pointed out that a recipient is likely to open a file containing the worm since
it will probably look as if it is coming from an acquaintance.
Network Associates has already received reports of infections from major
corporations in the U.S., Germany and France.
The company, which regularly performs risk assessments on computer
viruses and worms, has upgraded its rating on ExploreZip to "high" -- its
top rating -- from "medium."
Mr. Wasson noted that this is only the third "high" rating assigned by the
company since the Melissa virus hit.
Consumers who fear that their computers have been infected by the worm
can go to the McAfee Clinic on Network Associates' McAfee.com Web
site (www.mcafee.com) for a free scan. |
