New Netsky virus variant Infects without opening e-mails!

DexterDexter Vancouver, BC Canada
edited April 2004 in Spyware & Virus Removal
http://www.web-user.co.uk/news/48420.html

PCs that are not protected by the latest security updates can be infected by a new variant of the Netsky worm without any email attachments being opened.

According to security experts, Netsky.V spreads via email with subjects such as 'Converting message. Please wait...' and 'Please wait while loading failed message...' but has no attachments.

Netsky.V exploits bugs in Microsoft's software, meaning net users can be infected just by reading an email. The worm copies itself to the Windows folder as KasperskyAVEng.exe and adds the registry entry HKLM\Software\Microsoft\Windows\CurrentVersion\Run\KasperskyAVEng = KasperskyAVEng.exe.

By creating this entry, Netsky.V ensures it is run every time Windows is started and sends itself to the addresses it has collected from the infected computer, using it own SMTP engine.

Graham Cluley, senior technology consultant for Sophos, said: "Home users are especially vulnerable to this kind of attack as their computers are often not properly protected with a personal firewall or the latest anti-virus updates."

Security experts advise you to check Microsoft's security update website, which can scan your home PC for security vulnerabilities and suggest which critical patches need to be installed.
This discussion has been closed.