A Not-So-Feliz 'Navidad'
Computers at at least 10 Fortune 500 companies have been infected recently by an annoying but only mildly dangerous Christmas-themed virus that security experts call "Navidad."
The virus, which affects computers using Microsoft's Windows operating system, arrives as a reply when a user sends an e-mail to an infected computer. The attachment, called "NAVIDAD.EXE," is mainly in Spanish, and antivirus experts believe the virus came from South America.
"We've seen at least 100 samples over the last 4 days, including at least 10 Fortune 500 companies," said Vincent Gullotto, top antivirus researcher at security company McAfee.com, adding that many of the virus-ridden e-mails have come from Brazil and Cuba.
When a person opens the Navidad attachment something security experts always warn against unless the user knows what the attachment is a message in Spanish reads: "Never press this button."
If the button is pressed, a message says: "Feliz Navidad. Unfortunately you have given in to temptation and will lose your computer."
But the computer isn't damaged, which Gullotto says may be because the virus is designed for the Spanish version of Windows. But the virus does place on the computer's desktop an icon that looks like an eye, which stops most programs from being run.
"It's not destructive, but it may cause your Windows system to lock up," Gullotto said. The program can be stopped manually, and several antivirus companies have developed software that both removes and protects against the virus.
Several viruses in the past have taken holiday themes. One that appeared last year only damaged an infected computer on Christmas Day.
But while the virus doesn't damage computers, security companies are still warning their customers because Navidad is spreading fast among large corporations.
One security expert familiar with the virus, who spoke on the condition of anonymity, said both the petroleum company ExxonMobil and computer chipmaker Intel have been hit by Navidad.
As with any virus, experts suggest that consumers install an antivirus program and keep it updated at least once a month. They also recommend using an antivirus scanner to check an e-mail attachment before clicking on it.
The Navidad bug is the latest in a string of recent rather cleverly named viruses to infect American computers:
- In August, a computer virus featuring the cuddly Japanese cartoon character Pikachu left some operating systems devastated.
- The "Stages," shut down e-mail systems at four Fortune 100 companies in June, tricking users by generating e-mail messages containing the words "funny," "life stages" or "jokes" in the subject line.
- May saw the "NewLove" or "Spammer" virus begin in the U.S. and it hit computers in Israel. The contaminated e-mail changed its subject line each time it was rsent, which made it harder to protect against.
- The granddaddy of them all, the "Love Bug," which ravaged through millions of computers and caused an estimated $2 billion in damage, began in early May and was traced to the Philippines.