Smitten Yet? 'NewLove' Latest Virus
The FBI is tracking the origins of a new e-mail virus and experts warn its even more destructive than the "love bug" that attacked two weeks ago.
The virus - christened "NewLove" or "Spammer," started lurking in computers Thursday evening in Israel but didn't spread as fast as the "ILOVEYOU" virus, which ravaged through millions of computers and caused an estimated $2 billion in damage.
U.S. Attorney General Janet Reno said the federal law enforcement office has opened an investigation into the release of the new bug.
The FBI's top cyber investigator, Michael Vatis said this virus is more sinister than the "love bug" because it can cause more damage and changes subject lines each time it's resent, making it harder to protect against. He said the new virus originated in the U.S. but it was unclear by Friday morning how widespread the latest e-mail virus was.
Federal investigators first got word early Friday morning, and began sending out alerts at around 2 a.m. ET.
|
"It will try to delete every file on your computer and will render it useless," Steven Trilling, Director of Research for anti-virus software maker Symantech Corp., told CBS News. "Another new element about it is it's a self-mutating virus...So it looks different each time and can do a lot of damage."
There are hopes the new virus may not spread as widely because companies have updated seurity since the first "love bug" and the warning is getting out much quicker this time around, Trilling said.
"We've been talking to corporate customers, letting them know this is out there," he said. "In the United States as people come to work, we hope they'll get in early, clean this up, let their users know so that this won't spread too far."
The virus was detected at several large companies late Thursday, said Dave Perry, spokesman for another anti-virus software maker, Trend Micro Inc. At one company, 5,000 computers were infected, said Perry, who would not identify any of the companies affected.
The subject line of an infected e-mail starts with "FW:" and includes the name of a randomly chosen attachment from a previous e-mail on an infected computer. The e-mail will have an attachment with the same name, but ending in ".vbs," the extension for a visual basic script computer file.
Clicking on the attachment will activate the virus. Like the "love bug," it will send itself to everyone in the user's address book. It will then overwrite most files on the hard drive, rendering the computer useless until the operating system is reinstalled.
So far, Microsoft's Outlook is the only e-mail program the virus is attacking, said Anita Chen, a spokeswoman for Trend Micro. Microsoft has said it will next week make available a modification to Outlook that will warn users about suspect e-mail attachments.
|
The CERT Coordination Center, based at Carnegie Mellon University in Pittsburgh said it was receiving queries but no direct reports of sites affected by the new threat.
As of late morning Friday, the center had "received no direct reports of infections related to this virus," said Kevin Houle, an incident response team leader.
The original "love bug" rippled computers worldwide, including at the U.S. Pentagon, and is estimated to have cost $10 billion in damage. A Philippine computer school dropout is under investigation for spreading the cyber-worm.
The relatively simple "love bug" virus was followed some hours later by slightly modified variants, posing as jokes or confirmations of Mother's Day gifts. None of the variants were very widespread.
© 2000 CBS Worldwide Inc. All Rights Reserved. This material may not be published, broadcast, rewritten, or redistributed. The Associated Press and Reuters Limited and contributed to this report