Red faces as Norway's Data Inspectorate distributes virus

January 23, 2003 Sophos Press Release

DatatilsynetDatatilsynet, the Norwegian Data Inspectorate, apologised to subscribers of its email newsletter on computer security earlier this week after accidentally distributing the FunLove virus.

According to the government agency, FunLove infected its external email server and sent itself out to 1700 subscribers of the agency's computer security newsletter on Monday 20 January.

Ove Skaara, a spokesman for the agency, told a Norwegian newspaper: "It is extremely embarrassing that we pushed a virus on people who had put themselves on a news list that provides information on data security."

Datatilsynet has confirmed that the email server was shut down by its ISP nearly an hour after it was infected, but "unfortunately the virus had already sent itself to everyone."

"FunLove is not a new virus - it has been doing the rounds since 1999," said Graham Cluley, senior technology consultant for Sophos Anti-Virus. "Unfortunate incidents like this remind all organisations of the need to keep their anti-virus protection on all of their computers up to date. It is reassuring to hear that the unfortunate victim on this occasion is making steps to prevent the likelihood of similar incidents happening in the future."

It is not the first time that the FunLove virus has been accidentally distributed. In 2001, Warner Brothers accidentally shipped a Powerpuff Girls DVD containing a file infected with the virus. Other FunLove victims have included Dell and Microsoft.

Once a network is infected, FunLove can automatically spread between all connected PCs. It also allows all users unrestricted file access.