Another Virus Reported, Leaves Little Damage

BOSTON (05/30/2000) - What's a week without reports of another e-mail virus outbreak?

A virus patterned on last year's highly damaging Melissa worm crept into the wild on Friday morning, but the new one - nicknamed the Killer Résumé - doesn't appear to have found its way to many computers thus far. For example, the Computer Emergency Response Team (CERT) at Carnegie-Mellon University in Pittsburgh said it hasn't received any reports of companies being infected by the résumé virus.

But antivirus software vendors, such as Symantec Corp., Trend Micro Inc., Computer Associates International Inc. and Network Associates Inc., warned users that the W97M.Melissa.BG worm was spreading through some corporate e-mail systems in the U.S. For example, Trend Micro reported that up to nine sites were infected by the Killer Résumé.

Like Melissa and the "I Love You" virus that infected computers around the world earlier this month (see story), the résumé worm spreads through Microsoft Outlook as an e-mail message. Its subject line reads "Resume - Janet Simmons" and an attachment called "Resume1.doc" or "Explorer.doc" is embedded in the message.

If a user opens the attachment, Killer Résumé attempts to e-mail itself to everyone in the user's Outlook address book. It also copies itself to "C:\Data\" and to "C:\WINDOWS\StartMenu\Programs\StartUp\Explorer.doc." In addition, the worm attempts to delete files on a user's hard drive when the attachment is closed.

Symantec and Network Associates gave the résumé worm a medium-risk assessment because it hasn't spread rapidly, but Trend Micro and CA rated it as a high risk for users. The FBI's National Infrastructure Protection Center also issued a warning to users late Friday night.

All the warnings should help users avoid being infected by this latest virus, but they're not enough by themselves, said Ira Winkler, president of the Internet Security Advisors Group in Severna Park, Maryland.

"The warnings aren't a bad thing," Winkler said. But not enough attention is being paid to ways that viruses and worms can be stopped from spreading, he added. For example, Winkler said preventive methods, such as disallowing macros and updating the definitions built into a user company's antivirus software, aren't being touted nearly as loudly as the virus warnings are.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

More about CA TechnologiesCERT AustraliaComputer Emergency Response TeamFBIInternet Security Advisors GroupMellonMicrosoftSymantecTrend Micro Australia

Show Comments