New Worm Warnings - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
News

New Worm Warnings

New worm masquerades as E-mail message from Microsoft tech support.

Antivirus vendor Central Command Inc. is warning PC users about a new worm masquerading as an E-mail message from Microsoft Corp.'s tech support. The worm, [email protected], targets executable (.exe) files, encrypting infected files with a random encryption key, making it nearly impossible for victims to access the targeted files.

The worm enters a user's system through the bogus E-mail message with the subject line "Invalid SSL Certificate." The message falsely warns readers that an invalid SSL certificate used by many Web sites may cause a buffer over-run in Microsoft Internet Explorer and enable an attacker to access the user's system. The E-mail also contains the attachment, sslpatch.exe.

Users who click on the attachment will execute the virus, which then seeks a live connection to the Internet. If no connection is found, the virus activates its payload, which searches for all executable files in the directory where the virus resides, as well as the parent directory. It will then encrypt all of the executable files it finds, rendering them useless.

If the virus does find an Internet connection, it will conduct a search for all * .ht * files in the "My Documents" directory. The virus copies an E-mail address from any file that contains a "mailto:" string and then mails a copy of itself using its own E-mail software.

Central Command lists the worm as a medium risk. So far, only one copy of the worm has been reported.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
2020 State of DevOps Report
2020 State of DevOps Report
Download this report today to learn more about the key tools and technologies being utilized, and how organizations deal with the cultural and process changes that DevOps brings. The report also examines the barriers organizations face, as well as the rewards from DevOps including faster application delivery, higher quality products, and quicker recovery from errors in production.
News
The State of Chatbots: Pandemic Edition
Jessica Davis, Senior Editor, Enterprise Apps,  9/10/2020
Commentary
Deloitte on Cloud, the Edge, and Enterprise Expectations
Joao-Pierre S. Ruth, Senior Writer,  9/14/2020
Slideshows
Data Science: How the Pandemic Has Affected 10 Popular Jobs
Cynthia Harvey, Freelance Journalist, InformationWeek,  9/9/2020
Register for InformationWeek Newsletters
Video
Current Issue
IT Automation Transforms Network Management
In this special report we will examine the layers of automation and orchestration in IT operations, and how they can provide high availability and greater scale for modern applications and business demands.
White Papers
Slideshows
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll