Fast Spreading Threat Infecting Computers Around the Globe

Norton Tracking New Threat Affecting Potentially Hundreds of Thousands of Computers

News provided by

Norton

Sep 09, 2010, 09:15 ET

CULVER CITY, Calif., Sept. 9 /PRNewswire/ --

What/Why:

Thursday, Sept. 9th, 2010, Symantec Security Response began actively tracking a new, malicious computer worm that spreads using a socially engineered e-mail attack.



The threat arrives via an e-mail that asks the recipient to click on a link embedded in the e-mail. This link actually points to a malicious program file that is disguised as a PDF file, hosted on the Internet.




When the user clicks on this link, their computer instantly downloads and launches the malicious file. This process installs the worm onto the victim's computer– without the user knowing!




Initial analysis indicates that the worm disables many common antivirus products (but it does not successfully attack Norton/Symantec products). Once running on the computer, the threat attempts to e-mail a copy of the original e-mail to all e-mail addresses found in the infected user's e-mail address book.




The threat also attempts to spread from computer to computer over the local network (to other machines on your home or office network) by copying itself to open drive shares found on other machines on the network. Once the threat copies itself to another machine, if a user even opens the folder that contains the threat on this new machine, this will launch the threat and cause it to spread further through both e-mail and over shared drives.


Threat Details:

The worm uses e-mail for its initial propagation (an e-mail purporting to include a link to a requested document).  Once inside corporations it can spread rapidly via shared drives and removal drives.  It also attempts to spread via e-mail by gathering e-mail addresses from the compromised computer.




Once the link is followed, it proceeds to download the actual malicious threat W32.Imsolk.B@mm which infects the compromised machine.




Because of how the threat is spreading – through the use of e-mail – and due to the large volume of messages being automatically created, we have seen evidence of e-mail servers getting "clogged" with these messages, becoming overwhelmed and being brought to a standstill.


Experts/Tips:

Security experts are on hand to share tips with users on how they can protect themselves from these kinds of scams, including:

  • Disable network sharing and/or disconnect infected computers from the local network and Internet.

  • Block outbound traffic to the domains/ IP addresses contained in the social engineered e-mail to prevent users connecting to distribution sites to download.

  • Use a complete Internet security suite like Norton Internet Security 2011, which can detect and remove the threat.

  • Additional information may be found on the Symantec Security Response Blog at: http://www.symantec.com/connect/blogs/new-round-email-worm-here-you-have



WHEN:

Interviews with security experts available upon request via Skype, telephone and on-camera


CONTACT:

Gerritt Hoekman

Edelman for Norton


323-202-1895

[email protected]

SOURCE Norton

WANT YOUR COMPANY'S NEWS FEATURED ON PRNEWSWIRE.COM?

icon3
440k+
Newsrooms &
Influencers
icon1
9k+
Digital Media
Outlets
icon2
270k+
Journalists
Opted In
GET STARTED

Also from this source

Don't Let Scammers Steal Your Holiday Cheer: New Norton Report Reveals Nearly Half of U.S. Consumers Were Targeted by a Scam While Online Shopping

Don't Let Scammers Steal Your Holiday Cheer: New Norton Report Reveals Nearly Half of U.S. Consumers Were Targeted by a Scam While Online Shopping

Holiday shopping is in full swing, with over 60% of Americans ready to click "add to cart" for most of their purchases this holiday season. But it's...
More Releases From This Source

Explore

Computer & Electronics

Computer & Electronics

High Tech Security

High Tech Security

News Releases in Similar Topics