Cambridge, United Kingdom, March 7, 2001 - Kaspersky Labs, an international data-security software-development company, warns computer users of the new dangerous Internet-worm "Naked" spreading via e-mail. Kaspersky Labs has already received several reports of the worm "in-the-wild." "Naked" spreads...
Cambridge, United Kingdom, March 7, 2001 - Kaspersky Lab, an international data-security software-development company, warns computer users of the new dangerous Internet-worm "Naked" spreading via e-mail. Kaspersky Lab has already received several reports of the worm "in-the-wild."
"Naked" spreads via e-mail by sending infected messages from infected computers. While spreading, the worm uses MS Outlook and sends itself to all addresses found in the MS Outlook address book. The infected messages appear as follows:
Attached file name: NakedWife.exe
The Subject: Fw: Naked Wife
Message body:My wife never look like that! ;-)
Best Regards,
[CurrentUser]
where [CurrentUser] is the name of the particular current user.
When run (if a user clicks on an attached infected file), the worm sends its copies by e-mail, and activates its destructive payload: it deletes all files with .INI, .LOG, .DLL, .EXE, .COM, and .BMP extensions in the Windows directory, and .INI, .LOG, .DLL, .EXE, and .BMP in the Windows system directory.
The worm does not install itself into the system, and does not tamper with the system registry. This is a "direct action" worm that performs its action only once, being activated from an infected message.
When run, the worm displays a fake window with a "Macromedia Flash Player" picture in it, and displays a "Loading", "Loading...", "Loading..." message in an endless loop.
"In this case, we are dealing with a very ordinary Internet-worm not using any unique techniques to penetrate into users' computers. Just like the vast majority of the malicious code of this type, it exploits the so-called "mind breaches" luring a user into running an infected file simply because of the intriguing name," said Denis Zenkin, Head of Corporate Communications for Kaspersky Lab.
Protection against the "Naked" worm has already been added to the KasperskyTM Anti-Virus daily anti-virus database update. More details about the worm are available at Kaspersky's Virus Encylopedia.
Kaspersky Anti-Virus can be purchased in the Kaspersky Lab online store or from a worldwide network of Kaspersky Anti-Virus distributors and resellers.
