BANGALORE: Trend Micro upgraded its alert for
Worm_Netsky.CÂ to a "high
risk" alert, to raise awareness among the users of the worm with high
spread potential. The mass-mailing worm employs several techniques to
avoid detection. Computer users and organizations are advised to not get fooled
by this worm.
Worm_Netsky.C arrives in a common-sounding file attachment,
with brief subject and message lines mimicking a possible message from a known
source. Attachment names, subject and message lines seem to vary from previous
variants, suggesting that the creator may be trying perfect a blend of keywords
and phrases that fool users into opening the worm - relying on an old but
effective trick. Attachments may also bear an icon similar to those used
by Window's programs to appear authentic to the recipient. This worm is
also capable of arriving in a "zipped" or compressed file.
Once executed, Worm_Netsky.C collects addresses from the
infected machine's files, but purposely skips those related to certain security
vendors and organizations, as if to avoid making it known to those who would
combat it.
Trend Micro customers are protected through the latest
pattern file, number 781. Customers of Outbreak Prevention Services should
download OPP 85 to help protect against spread of this threat. For
customers of Damage Cleanup Services, Damage Cleanup template # 268 is
currently available for help with automated restoration of affected systems.