Antivirus vendors urge updates to guard against file-destroying Klez.
Antivirus firms F-Secure and Central Command are warning that the Klez.e worm, which can delete files, halt the work of security programs, and spread itself when an infected e-mail is opened, is set to trigger on Wednesday. Users are urged to update antivirus definitions and scan their PCs as soon as possible.
The Klez worm is much like any other self-propagating, mass mailer worm, in that it harvests e-mail addresses from the Windows address book of infected PCs and sends itself to addresses listed there, according to F-Secure. Unlike some other worms, though, Klez also grabs addresses from the chat program ICQ and appears in in-boxes with multiple subject lines. Among the subject lines Klez uses are "how are you," "let's be friends," "your password," "some questions" and "congratulations," F-Secure said in its alert. The worm even masquerades as a virus alert, the company said.
The worm is automatically executed when an infected message is opened, according to F-Secure, and infected messages are then sent using a Simple Mail Transfer Protocol (SMTP) engine built into Klez. Infected messages do not necessarily have an attachment to open--spreading the worm can occur simply by opening an infected e-mail.
News source: PCWorld.com
View: The Full Story
View: Virus Info - McAfee W32/Klez.e@MM