A Russian antivirus company apologized Friday for an e-mailed virus alert that was infected with the very worm the message was supposedly designed to warn against. Kaspersky Labs said the message, sent Thursday to subscribers of the company"s "Virus News" e-mail dispatch, had actually been sent by hackers masquerading as the company. The hackers had managed to break into Moscow-based Kaspersky"s computer system and steal the mailing list for the newsletter, the company said.
"We are conducting an investigation to reveal the sources of this attack and are taking the necessary measures...to ensure that this type of attack will never succeed in the future," Eugene Kaspersky, founder and head of research for the company, said in an advisory about the e-mail. To date, the company hasn"t heard of any infections resulting from the tainted message, but it has offered free technical services to anyone who does fall prey to the viral prank. The infected message, sent to some thousands of subscribers, carried a copy of the recently discovered Braid worm.
Braid, also known by Kaspersky Labs as Bridex, hasn"t spread very widely. U.K.-based e-mail service provider MessageLabs intercepts such hostile attachments for its client companies and has seen only a little more than 2,000 copies of the virus in the last 24 hours. That places the malicious program at No. 5 on MessageLab"s daily Top 10 list; the Klez virus leads the pack with over 9,000 infected e-mails intercepted by the company in the last 24 hours.