A destructive new mass-mailing Internet worm has been launched into the wild in the form of a Trojan horse targeting the security-conscious.
The worm, which has been named "Yarner" by virus researchers, apparently got its start in a fraudulent e-mail sent sometime Monday to fans of Trojaner-Info.de, a German site specializing in information about malicious code.
The bogus message, written in German, purports to be a newsletter from Trojaner-Info announcing a new release of an actual anti-Trojan program hosted at Trojaner-Info called Yet Another Warner (YAW). The message's subject line is "Trojaner-Info Newsletter."
The booby-trapped yawsetup.exe attached to the bogus e-mail is actually designed to mail copies of itself to addresses in the victim's Microsoft Outlook address book. The worm may also delete all files on the victim's hard disk, according to an analysis by anti-virus companies.
A message at the Trojaner-Info.de site today warned of the Yarner Trojan and said the e-mail used to spread the worm was forged. The site's operators insisted they were not responsible and would never distribute program code by e-mail.
Symantec has assigned Yarner a "moderate" risk-rating. Kaspersky Labs reported that the worm is spreading rapidly in Germany.
News source: NewsBytes
View Virus info: Symantec - w32.yarner.a@mm and Kaspersky Lab VirusList.com - I-Worm.Yarner