|
| The worm tries to send pictures of an owl to
attached network printers. |
Experts at SophosLabs™, Sophos's global
network of virus, spyware and spam analysis centers, have
discovered a worm that attempts to send a photograph of an owl to
attached network printers.
The W32/Hoots-A
worm is written in Visual Basic and spreads via network shares.
Once it has infected a computer it attempts to send a graphical
image of an owl with the legend "O RLY?" to a number of predefined
print queues.
"This isn't the work of a professional virus writer. Most
malware authors these days encrypt their executables with packers
in an attempt to make them harder to detect, this one does not. It
is also written in Visual Basic, which is unusual for a virus
today. But the smoking gun is that the worm has hardcoded within it
the specific network paths to almost 40 different printers," said
Graham Cluley,
senior technology consultant for Sophos. "It appears this malware
was written for a specific organization, by someone who had inside
knowledge of their IT infrastructure."
The phrase "O RLY?" is internet slang for "Oh really?", and is
often accompanied by a picture of a snowy white owl.
"Why the author should want to print out pictures of an owl is,
of course, anybody's guess," continued Cluley.
Sophos has only received reports of the malware from one
customer, and is working with the organization to provide more
information which may help identify the creator of the worm.
Sophos recommends companies put in place a consolidated solution to defend against viruses,
spyware and spam, and ensure that it is automatically updated as
new threats emerge.
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.