26 Jun 2002
Sophos distributing W32/Yaha-E? Not guilty!
Sophos technical support has received a number of enquiries from
customers concerned that they may have received a copy of the
W32/Yaha-E virus
via email from Sophos.
Sophos would like to reassure its customer base that we have not
been infected or sent any viruses to our customers.
In fact, W32/Yaha-E can pretend (like the recent W32/Klez-H virus) to
originate from Sophos. By using its own SMTP engine, the worm can
appear to have come from any email address. Some infected messages
have a sender field and message text which imply that the message
was sent by a major anti-virus vendor (the virus can use the names
Kaspersky, F-Secure, Symantec and Trend Micro as well as Sophos).
Many of the email addresses and IP addresses used are invalid and
inaccurate.
Sophos recommends that users do not open or launch unsolicited
executable attachments and keep their anti-virus software
updated.
Sophos Anti-Virus has been capable of protecting against
W32/Yaha-E since 20 June 2002, and customers are encouraged to
subscribe to Sophos's email notification service to be
automatically warned of new threats emerging in the wild.
About Sophos
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.