Sophos, a world leader in corporate anti-virus protection, is
warning computer users against the new MyParty email worm (W32/MyParty-A) which is
spreading in the wild.
The worm, which may appear to have come from a colleague or
friend, arrives as an email with the subject line 'new photos from
my party!'. The message reads: 'Hello! My party...It was absolutely
amazing! I have attached my web page with new photos! If you can
please make color prints of my photos. Thanks!'.
The email contains an attachment called "www.myparty.yahoo.com".
You may think this is a link to a website, but it is actually a
program file. Clicking on the attachment launches the program,
which sends a copy of itself to every contact in the Windows
Address book. It also tries to release a backdoor program onto your
PC to allow others to access your computer remotely.
"Computer users are definitely getting wiser," said Paul
Ducklin, Head of Global Support at Sophos Anti-Virus in Sydney.
"The first reports we received of this worm were from people who
didn't launch the attachment, but instead sent it in for analysis
as obviously suspicious. It looks like Sophos's message of
practising Safe Hex is getting through."
Protection against this worm (W32/MyParty-A) and the
backdoor it releases (Troj/Msstake-A) is
available from the Sophos Anti-Virus website.
For further information about Safe Hex please read Sophos's
safe computing guidelines.