SAN FRANCISCO: A new e-mail virus that promises an eyeful to Internet users
but instead cripples Microsoft Windows swept through companies worldwide on
Tuesday, as anti-virus experts found evidence that linked the worm-type virus to
the Brazilian division of a global French insurance giant.
Dozens of companies reported infections by the virus, dubbed "Naked
Wife" for the salacious lure it uses to hook unsuspecting users. Anti-virus
companies offered cures for the virus on their Web sites by the afternoon.
This destructive worm appears as a forwarded e-mail with "Naked
Wife" in the subject line. Readers who click on the attached file, called
"Naked Wife.exe", will not get a nude picture, but will instead see a
short cartoon followed by a vulgar message, signed by "BGK (Bill Gates
Killer)."
All the while, the virus is deleting key Windows and system files on the
user's PC, rendering the computer unable to start up properly, according to a
spokeswoman for anti-virus software maker, Trend Micro Inc., Susan Orbuch.
Similar to earlier worm-type viruses like Love Letter and Melissa, Naked Wife
can spread quickly by e mailing itself to everyone in a user's Microsoft Outlook
e-mail address book.
Security software maker Symantec Corp. reported that at least 30
corporations, mostly in the United States but also some in Canada and Europe had
been infected by the virus.
By examining the code of the virus program, Symantec researchers discovered
that the virus was apparently written on Monday on a personal computer owned by
a company called "AGF Brasil Seguros" registered to a user named
"MH Santos".
AGF Brasil Seguros SA is a subsidiary of Centrale des Assurance Generales de
France, a leading French insurance conglomerate, and itself a unit of German
insurance giant Allianz AG Holding.
Few major viruses have originated in South America, Trilling said. It was
possible that the code had been deliberately faked, he said.
Users who receive the e-mail should not click on the attachment and should
delete it immediately. The virus, written in the Visual Basic language, deletes
files ending in .bmp, .com, .dll, .exe and .ini in the Windows and Windows
Systems directories. It leaves files outside of those directories, including
most application programs and data files, untouched.
Infected users will not be able to restart their computers and will have to
reinstall the Windows operating system.
(C) Reuters Limited 2001.