Cameras
Camcorders
Cell Phones
Components
Desktops
HDTV
Home Theater
GPS
Laptops
Monitors
MP3 Players
Networking &
Printers
Storage
WiFi Finder
Locate wireless services by a specific address, city, state, country, airport, or zip code.
Goner Worm Threatens Security Apps
Antivirus vendors provide protection against high-risk worm that masquerades as screen saver.
Sam Costello, IDG News Service
BOSTON -- A new high-risk worm, called "Goner," which attempts to delete a number of program files on infected computers, including firewall applications, is spreading quickly Tuesday, according to a number of antivirus firms.
The worm spreads by way of an attachment sent to users of Microsoft's Outlook and Outlook Express e-mail programs. In a change from the usual worm formula, it also travels through the chat application ICQ, according to vendors of antivirus products including McAfee.com, Computer Associates International, and Trend Micro. Goner does not exploit any security vulnerabilities like the recent Badtrans worm, but instead must have its attachment double-clicked in order to be launched, said April Goostree, virus research manager at McAfee.com.
Goner appears in user's in-boxes as an e-mail with the subject line "Hi." The body of the message reads, "How are you? When I saw this screen saver, I immediately thought about you ... I am in a harry [sic], I promise you will love it!" The mail also includes an attachment called Gone.SCR, which appears to be a screen saver.
When the attachment is double-clicked, the worm sends itself to everyone listed in the victim computer's address book, the antivirus companies said. Goner also tries to spread through the ICQ chat program, sending a copy of itself to all online users, Trend Micro said in its Web site. The worm installs a backdoor program that is activated whenever the mIRC chat application is launched and that can be used in Denial of Service attacks, Trend Micro said. After double-clicking on the attachment, a window also pops up, which includes credits for the virus' writer and its testers.
Search, Destroy Apps
After launch, Goner attempts to locate and delete a number of programs, including security programs like Zone Labs' ZoneAlarm firewall application, McAfee.com's Goostree said. Other files it attempts to delete include antivirus programs from Symantec and Kasperksy Labs, and security applications from Lockdown, and SafeWeb, according to both McAfee.com and Trend Micro.
The number of users infected with Goner is already "very, very large," Goostree said, although she did not have an exact number available.
"I would imagine you're going to see corporations shutting down their mail servers" to deal with the worm, she said.
Users are advised to update their virus definitions, visit the Web site of their antivirus provider, and not open unexpected attachments.
Save on Printing Costs
Top Selling Laptops
- Great year-end deals for small business!
-
Get 24/7 live remote AT&T Tech Support 360* service along with select Lenovo* PCs (with Intel® Core™ 2 Duo processors and save up to 200!
-
HP EliteBook* 6930p Notebook with Intel® vPro™ technology and a free HP Basic Docking Station - $641 instant savings!
- *Other names and brands may be claimed as the property of others. ©2009 Intel Corporation. Intel, the Intel logo, vPro and Core trademarks of Intel Corporation in the United States and other countries. All rights reserved.
People who read this also read:
Best Prices on Antivirus Software
Norton Antivirus 2010 (Full Product, 1 User)Price: $17.90
Anti-virus 2010 (OEM Product, 1 User)Price: $21.60
AntiVirus Plus 2010 - 3 Users (Full Product)Price: $11.95
AntiVirus 2010 (Full Product)Price: $24.95
Norton AntiVirus 2009 (Full Product)Price: $16.89
Anti-Virus 2009 (Full Product)Price: $15.04
-
Perfect Printing Solutions Find just the right All-in-One printer for you from HP. Visit the HP Resource Center.
-
Lenovo Laptop Showcase Find out how Lenovo IdeaPads and Thinkpads balance performance and portability. Visit the Lenovo Resource Center for more info...
