New Virus -- anyone know anything about it yet?

Just rec'd from our IT people:

"There is a new virus that has been password protected and therefore cannot be scanned in the traditional way. We have been able to isolate the virus thru our system, however, that may not be the case externally.

"UNTIL FURTHER NOTICE, PLEASE DO NOT DOWNLOAD ANY TYPE OF MAIL FROM ANY OUTSIDE SOURCES (Yahoo, Hotmail, MSN, etc.)"

http://securityresponse.symantec.com/avcenter/venc/data/w32.beagle.k@mm.html

how can you open it to get infected??

It's password protected to prevent antivirus tools from searching it.

This is what it looked like:

***
From: support@xxxxxxx.net
Subject: Important notify about your e-mail account
Dear user, the management of xxxxxxx.net mailing system wants to let you know that,

Your e-mail account has been temporary disabled because of unauthorized access.

Pay attention on attached file.

For security purposes the attached file is password protected. Password is "74300".

Best wishes,
The xxxxxxx.net team http://www.xxxxxxx.net
*****


It had an attached zip file which I presumed included instructions on how to install the executable. I knew it was a virus as I own my domain. Apparently one of my aunt's friends didn't have the same fortune. Her e-mail address appeared in the "return path" of the header so I let her know I received it and sent her the norton link.

This is a sneaky one because the average home surfer will not recognize that this is a virus and will do what ever the zip tells them to. I've warned all my family and friends. Hopefully it will be the last one I receive.

I wirk for a major defense contractor, and last week I got several e-mails from people I didn't recognize, with ZIP files attached. Our IT folks told us to delete any suspicious e-mails like this without opening the ZIP files, and then emptying our recycle bins to remove them completely from the system.

We also got similar e-mails from people with military e-mail accounts, so it looks like our government customers were also infected.

And always with a .php or .zip extension.

I delete that crap immediately.

I try to keep that kind of crap out of our internal system! Users who open external email have been cautioned that if they open their outside email without verifying their antivirus settings are current are on our permanent shit list.

But the good ole virus catcher caught it when I right-clicked it to delete, didn't reconize the sender. Alerted IT about it and they are jus now updating the e-mail server.

GEP

:bounce: