In something of a blast from the past, an email borne worm has been sighted spreading around the internet.
Although we’ve not seen too many actual attacks from this, it’s been widely reported in the media, perhaps as it’s quite a novelty these days to see a worm spreading in this way.
It spreads itself as an executable in email, but disguises itself as a PDF file, when executed it attempts to download some other malicious files on the victim machine, and drops some files in an attempt to let the worm spread via autorun.
K7 Total Security detects this worm as “Emailworm (0019e4ae1)” (yeah, it’s that uninteresting!)
Full information is here:
http://viruslab.k7computing.com/index.php?option=com_k7virus&view=showvirus&Itemid=1&id=818
If you’re interested in more, Dan Goodin has written a short piece about the worm on The Register http://www.theregister.co.uk/2010/09/10/email_worm_spreading/
Andrew Lee
CTO K7 Computing
