Sophos, a world leader in corporate anti-virus protection, is
warning users to beware of the Goner worm (W32/Goner-A). First
detected on 4 December, 2001, Sophos has already received a
significant amount of calls from infected users.
The email arrives with the subject line 'Hi' and carries an
infected attachment called GONE.SCR, posing as a screensaver. Once
activated, the worm spreads to all contacts in the user's Outlook
address book.
"This worm highlights the importance of being suspicious about
anything that arrives unexpectedly in your inbox," said Graham
Cluley, senior technology consultant for Sophos Anti-Virus. "Worms
like these are wolves in sheep's clothing. Posing as innocent
games, pictures or screensavers, they are in fact much more
sinister. Even if the email appears to have come from a friend, it
still should not be automatically trusted."
Once activated, the worm attempts to disable a number of
different anti-virus products from the infected computer by
deleting files from the installation directory. Sophos is urging
computer users to update their anti-virus protection now and be
wary of all emails containing unsolicited attachments.
Sophos has issued protection against this worm.
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.