New Netsky virus variant Infects without opening e-mails

Shorty · April 2004

PCs that are not protected by the latest security updates can be infected by a new variant of the Netsky worm without any email attachments being opened.

According to security experts, Netsky.V spreads via email with subjects such as 'Converting message. Please wait...' and 'Please wait while loading failed message...' but has no attachments.

Netsky.V exploits bugs in Microsoft's software, meaning net users can be infected just by reading an email. The worm copies itself to the Windows folder as KasperskyAVEng.exe and adds the registry entry HKLMSoftwareMicrosoftWindowsCurrentVersionRunKasperskyAVEng = KasperskyAVEng.exe.

By creating this entry, Netsky.V ensures it is run every time Windows is started and sends itself to the addresses it has collected from the infected computer, using it own SMTP engine.

Graham Cluley, senior technology consultant for Sophos, said:

"Home users are especially vulnerable to this kind of attack as their computers are often not properly protected with a personal firewall or the latest anti-virus updates."

Be very much on the lookout for this new variant.

Headsup to Dexter for being beady-eyed and getting this noticed fast.

Source: Web User

Dexter · April 2004

Do your updates folks! This one appears to be relatively harmless to your PC, but recent history shows that once a vulnerability is known, copycats come out, and the copycats are often "blended-threats", with worse payloads. Do your Windows Updates, and update your anti-virus software.

No anti-virus software? Look here for recommendations, including some free options!

Dexter...