23 Apr 2003
Coronex computer worm exploits SARS worries
Sophos has issued a warning of a new computer worm that takes
advantage of growing concern over the biological SARS virus. Known
as
W32/Coronex-A, the
mass-mailing worm forwards itself to all contacts in Outlook
address books and attempts to dupe innocent computer users into
opening an attachment offering details on the current SARS
epidemic. The Coronex worm uses a variety of subject lines, message
bodies and attachment names to entice users into double-clicking
including: "Severe Acute Respiratory Syndrome", "SARS Virus" and
Hongkong.exe "The worm has been deliberately coded to exploit the
public's genuine concern about SARS, and is just a further
demonstration of the ways that virus writers attempt to use
psychological trickery to spread their creations," said Graham
Cluley, senior technology consultant for Sophos Anti-Virus. "It is
important that people call this virus by its proper name, Coronex,
rather than 'the SARS virus'. If they don't it will only add to the
confusion and panic. In particular, anti-virus firms should act
responsibly in the way they communicate news of this virus to the
public by ensuring their products, alerts and press releases do not
refer to this computer virus as 'SARS'". "As ever the advice to
users is simple: practice safe computing, keep anti-virus software
up to date and patch against operating system vulnerabilities. This
will dramatically reduce the risk of becoming infected by a new
virus," continued Cluley. Sophos recommends companies consider
blocking all Windows programs at their email gateway. It is rarely
necessary to allow users to receive programs via email from the
outside world. There is so little to lose, and so much to gain,
simply by blocking all emailed programs, regardless of whether they
contain viruses or not.
About Sophos
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.