A number of customers have contacted Sophos technical support concerned about a new email-aware worm which exploits interest in the first anniversary of the September 11 terrorist activity.
The worm, called W32/Chet-A, arrives in the form of an email attachment called 11september.exe. The email message body claims that the attachment contains evidence of money laundering and photographic evidence of friendly dialogue between Osama Bin Laden of Al-Qaeda and the USA government.
The message goes on to describe how it contains evidence that the FBI discussed with Al-Qaeda the best way to kill as many people as possible in New York.
Obviously the message is intended to raise interest in the mind of the email's recipient in an attempt to get them to launch the attached executable file.
"The Chet worm author is the latest to use psychological tricks to try to dupe users into opening malicious code. However, this is probably the sickest and lamest trick to date," said Graham Cluley, senior technology consultant, Sophos Anti-Virus. "The implausibility of the allegations contained in the worm's email will hopefully mean most people will instantly recognise this as suspicious."
To date Sophos has received no reports of this worm from the wild, but reminds all computer users to keep their anti-virus protection up-to-date and practise safe computing by not launching unsolicited executable code.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.