Here is the latest email from Trend Virus Some new worm tricks out there. Be careful!
*********************************************************************
TREND MICRO WEEKLY VIRUS REPORT
(by TrendLabs Global Antivirus and Research Center)
*********************************************************************
------------------------------------------------------------------------
Date: June 14, 2002
------------------------------------------------------------------------
To read an HTML version of this newsletter, go to:
http://www.antivirus.com/trendsetter/virus_report/
Issue Preview:
1. Trend Micro Updates - Pattern File and Scan Engine Updates
2. It's Not Your Password - WORM_FRETHEM.E (Medium Risk)
3. "World Cup" Worm Withered - VBS_CHICK.F (Low Risk)
4. 10 Most Prevalent In-the-Wild Malware Surveyed by Trend Micro US
5. Trend Micro PC-cillin 2002 Now Available
NOTE: Long URLs may break into two lines in some mail readers.
Should this occur, please cut and paste the URL in your browser.
************************************************************************
1. Trend Micro Updates - Pattern File and Scan Engine Updates
------------------------------------------------------------------------
PATTERN FILE: 299 http://www.antivirus.com/download/pattern.asp
SCAN ENGINE: 6.150 http://www.antivirus.com/download/engines/
2. It's Not Your Password - WORM_FRETHEM.E (Medium Risk)
------------------------------------------------------------------------
This non-destructive, memory-resident worm propagates via Microsoft
Outlook by sending email to all addresses listed in the infected user's
Windows Address Book, and in .DBX files where Microsoft Outlook Express
archives emails. It arrives as an attachment to an email message with
the following:
Subject: Re: Your password!
Message Body: ATTENTION!
You can access very important information by this password
DO NOT SAVE password to disk
use your mind
now press cancel
Attachments: Decrypt-password.exe
password.txt
This worm exploits the incorrect MIME (Multipurpose Internet Mail
Extensions) header vulnerability and IFRAME security hole that automatically
runs the attachment of an HTML email when a user reads or previews the
email. This vulnerability allows the worm to install itself in the
system without the user double clicking or opening the attachment.
If you would like to scan your computer for WORM_FRETHEM.E or thousands
of other worms, viruses, Trojans and malicious code, visit HouseCall,
Trend Micro's free online virus scanner at:
http://housecall.antivirus.com/
WORM_FRETHEM.E is detected and cleaned by Trend Micro pattern file #298
and above.
For additional information about WORM_FRETHEM.E please visit:
http://www.antivirus.com/vinfo/virusencyclo/default5.asp?VName=WORM_FRETHEM.E
3. "World Cup" Worm Withered - VBS_CHICK.F (Low Risk)
------------------------------------------------------------------------
The "World Cup" worm quickly withered, soon after its discovery. This
worm contains errors in its code and therefore, it fails to propagate.
It is capable of sending email, but is incapable of sending email with a
copy of itself as an attachment.
This non-destructive worm claims to contain the results of a World Cup
2002 soccer match, and propagates via Internet Relay Chat and email. It
executes on systems where ActiveX is enabled in Internet Explorer's
(IE) security settings. It arrives in an email with the following details:
Subject: RE: Korea Japan Results
Message Body: Take a look at these results ...
Regards,
Attachment: koreajapan.chm
Upon execution, Internet Explorer prompts the user with a warning,
asking to enable the ActiveX control. When the user clicks "Yes," the
malicious script of this worm executes. It sends an email only once, and
only to the first entry in the infected user's address book. After it has
sent the email, it does not re-execute the mailing routine.
Due to errors in its code, this worm fails to propagate: It can send
one email, but is incapable of sending email with a copy of itself as an
attachment.
VBS_CHICK.F is detected and cleaned by Trend Micro pattern file #295
and above.
For additional information about VBS_CHICK.F please visit:
http://www.antivirus.com/vinfo/virusencyclo/default5.asp?VName=VBS_CHICK.F
4. 10 Most Prevalent In-the-Wild Malware Surveyed by Trend Micro US
(week of: June 3, 2002 to June 9, 2002)
------------------------------------------------------------------------
1. WORM_KLEZ.H
2. JS_EXCEPTION.GEN
3. WORM_BENJAMIN.A
4. JS_NOCLOSE.E
5. PE_ELKERN.D
6. PE_MAGISTR.A
7. TROJ_DLDER.A
8. PE_MAGISTR.B
9. PE_NIMDA.A-O
10. WORM_KLEZ.E
5. Trend Micro PC-cillin 2002 - Antivirus, Anti-Hacker, & PDA Virus
Protection
------------------------------------------------------------------------
Trend Micro is pleased to announce the release of PC-cillin 2002.
PC-cillin 2002 provides award-winning protection against macro viruses,
Trojans,
and other malicious threats. An integrated personal firewall helps
secure
desktop computers against illegal access, ping attacks, and even port
scanning
for Internet-era protection. This complete antivirus strategy also
includes
security for Palm, Pocket PC, and EPOC devices.
BUY NOW: $39.95
http://www.trendmicro.com/pcc2002_wvr
If you already own PC-cillin, you may purchase an upgrade to PC-cillin
2002 for
just $19.95 at:
http://www.antivirus.com/pc-cillin/products/upgrade.htm
This pricing applies to customers in the U.S. and Canada only.
************************************************************************
