An Internet virus posing as a security update(1) from Microsoft had been spreading quickly through email, security experts said today.
Experts said the virus, named Gibe-F, detected yesterday, arrived as an email attachment(2) masquerading(3) as a security patch. It exploited vulnerability(4) in Internet Explorer.
Users open the email and get a message saying, “This will install Microsoft Security Update. Do you wish to continue?” But experts said the worm installed itself even if the user clicked “No”.
“Once an attachment carrying the virus is opened, the Gibe worm starts spreading and producing authentic-looking(5) ‘install and update' windows,”said the security firm MessageLabs.
“While doing so, it searches hard drives for email addresses and begins mass mailing out additional copies of itself and attempts to render inactive existing security and antivirus products, opening users up to future vulnerabilities.”
“Recent virus outbreaks such as Blaster, Nachi and Sobig-F have raised many users' awareness of computer security, ” said Graham Cluley of the British-based firm Sophos Anti-Virus.
“Users may think it is a good idea to install any security patch which is sent to them. Unfortunately, they may be falling straight into the virus writer's hands.”
Cluley noted that Microsoft and other firms “never send out security patches by email, which makes the Gibe worm a dead giveaway(6)”.
MessageLabs said it intercepted more than 35, 000 copies of the virus across 84 countries.
The initial copies all originated from Slovakia and some later copies originated from the Netherlands, MessageLabs said.
The Finnish security firm F-Secure noted that the virus can be spread through the KaZaA music—swapping software by copying itself to KaZaA shared folders.
“During (the) installation process the worm enables sharing for KaZaA client, copies itself several times into KaZaA shared folders, ” F-secure noted.
Notes:
1.update: n. 更新, 修改
2.attachment: n.附件, 附加装置, 附属品
3.masquerade: v.化装,假冒
4.vulnerability: n.弱点
5.authentic-looking: adj.看起来可信的
6.giveaway: n.泄漏, 免费样品