Fizzer is still making the rounds

Sophos Press Release

The email-aware worm, W32/Fizzer-A, first seen late last week, seems to be picking up pace. Until today, Sophos had received only a handful of reports, but the numbers are now rising. Sophos customers who have kept their anti-virus software up-to-date are protected against all known threats, including this worm.

The email arrives with a subject line selected randomly from a list. The attachment is an infected executable with either a single or double extension. The worm spreads by emailing itself to contacts in the Microsoft Outlook and Windows address books and to random email addresses at popular domains such as,, and others.

W32/Fizzer-A has IRC backdoor Trojan functionality. This means that if it manages to infect a computer system, it will attempt to connect to a remote IRC server and run continuously in the background. By doing so, hackers can gain remote access and control over the computer via the open IRC channel. Blocking IRC connections at the firewall can ensure that external communication via IRC is impossible.

"The Fizzer worm can severely affect company confidentiality and credibility, so it is vital that businesses ensure that they are protected," explained Carole Theriault, anti-virus consultant at Sophos. "By updating virus protection automatically and by stopping executable attachments from even gaining access through their email gateway, companies stand the best chance of remaining untouched by such virus attacks."

Sophos Anti-Virus incorporates a range of reporting and management tools to support network administrators. The Enterprise Manager suite of software allows automatic installation, update and download of Sophos Anti-Virus from the internet. The MailMonitor suite of software checks all email traffic passing through your company, providing an extra layer of protection against mass mailing viruses. Threat reduction technology in MailMonitor for SMTP lets users reduce their exposure to virus threats even further by blocking potential carriers at the gateway.

More than 100 million users in 150 countries rely on Sophos’ complete security solutions as the best protection against complex threats and data loss. Simple to deploy, manage, and use, Sophos’ award-winning encryption, endpoint security, web, email, mobile and network security solutions are backed by SophosLabs - a global network of threat intelligence centers. Sophos is headquartered in Oxford, U.K., and is publicly traded on the London Stock Exchange under the symbol “SOPH.” More information is available at