The email-aware worm, W32/Fizzer-A, first seen
late last week, seems to be picking up pace. Until today, Sophos
had received only a handful of reports, but the numbers are now
rising. Sophos customers who have kept their anti-virus software
up-to-date are protected against all known threats, including this
worm.
The email arrives with a subject line selected randomly from a
list. The attachment is an infected executable with either a single
or double extension. The worm spreads by emailing itself to
contacts in the Microsoft Outlook and Windows address books and to
random email addresses at popular domains such as msn.com,
yahoo.com, aol.com and others.
W32/Fizzer-A has IRC backdoor Trojan functionality. This means
that if it manages to infect a computer system, it will attempt to
connect to a remote IRC server and run continuously in the
background. By doing so, hackers can gain remote access and control
over the computer via the open IRC channel. Blocking IRC
connections at the firewall can ensure that external communication
via IRC is impossible.
"The Fizzer worm can severely affect company confidentiality and
credibility, so it is vital that businesses ensure that they are
protected," explained Carole Theriault, anti-virus consultant at
Sophos. "By updating virus protection automatically and by stopping
executable attachments from even gaining access through their email
gateway, companies stand the best chance of remaining untouched by
such virus attacks."
Sophos Anti-Virus incorporates a range of reporting and
management tools to support network administrators. The Enterprise
Manager suite of software allows automatic installation, update and
download of Sophos Anti-Virus from the internet. The MailMonitor
suite of software checks all email traffic passing through your
company, providing an extra layer of protection against mass
mailing viruses. Threat reduction technology in MailMonitor for
SMTP lets users reduce their exposure to virus threats even further
by blocking potential carriers at the gateway.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.