FBI Issues E-bug Warning

[Guest guest]

JUNE 11, 11:43 EDT

 

By BRUCE MEYERSON

AP Business Writer

 

Symantec's AntiVirus Research Center

 

NEW YORK (AP) Trying to contain a destructive new software bug that's

already infected tens of thousands of computers, the FBI today warned users

against opening any suspicious e-mail bearing gifts.

 

Anti-virus experts were still trying to assess the damage from

Worm.Explore.Zip, which forced Microsoft itself to shut down its own

corporate e-mail systems for two hours Thursday as a precaution.

 

``Because of the destructive payload delivered by this virus, its

potential impact is significant,'' Michael A. Vatis, director of the

National Infrastructure Protection Center at the Federal Bureau of

Investigation, said today in an advisory on the FBI's Web site.

 

``Users should exercise caution when reading their e-mail for the next

few days and bring unusual messages to the attention of their system

administrator,'' said Vatis. ``The transmission of a virus can be a criminal

matter, and the FBI is investigating.''

 

Worm.Explore.Zip is the third major bug to sweep across the Internet

since late March, when the Melissa virus overwhelmed systems with floods of

e-mail. A more damaging virus named Chernobyl struck in late April, but did

most of its harm overseas.

 

The new bug is only known to attack computers using Microsoft operating

systems Windows 95, Windows 98, and Windows NT. Rival operating systems such

as Macintosh and Unix apparently are not vulnerable. The majority of

computers used Microsoft systems.

 

Worm.Explore.Zip tricks people by disguising itself as a friendly e-mail

reply bearing a gift.

 

But anyone who opens that ``gift'' unleashes a program that hunts

through a computer hard drive and wipes out the contents of documents,

spreadsheets and other important files.

 

The bug also contaminates a computer's e-mail program and sends a copy

of itself as a reply to any incoming e-mail. That aspect of the

Worm.Explore.Zip makes the bug particularly threatening for companies with

large computer networks where workers regularly zip e-mails back and forth.

 

``Once the virus has started within an organization, it embeds itself

into the system,'' Jan Kaminski, president of FastLane Technologies, a maker

of computer network software in Halifax, Nova Scotia, said Today. ``There's

nothing you can do until you actually remove some files from the machine.

Switching off the machine stops it, but once you turn on it, the virus

starts up again.''

 

Government and university anti-virus teams were trying to combat the

outbreak, which reportedly was first detected in Israel earlier this week

and has reached at least 12 countries.

 

Early warnings helped General Electric contain the damage Thursday when

its system was infected, and other major corporations such as Intel and

Boeing were also reportedly infected, as were computers at the University of

Phoenix.

 

 

``The technicians are still assessing the damage,'' University of

Phoenix controller Junette West said. ``There's been quite a bit of damage.

(Almost) everything's down.

 

``It's pretty nasty,'' she added.

 

Because of the way it works, Worm.Explore.Zip actually does not fit the

technical definition of a computer virus. Instead, software experts said,

the bug should be classified as a ``Trojan Horse.''

 

Either way, the bug poses a serious threat to businesses, government

agencies and personal computer users.

 

``We have the virus,'' Rachel Albert, a spokeswoman for InterActive

Public Relations of San Francisco, said Thursday. ``It's terrible. A lot of

people lost everything they were working on.''

 

Worm.Explore.Zip arrives with a friendly message: ``Hi (Recipient Name)!

I received your e-mail and I shall send you a reply ASAP. Till then, take a

look at the attached zipped docs.''

 

The message is harmless unless a person opens the ``zipped docs,'' a

term referring to a compressed file sent with the e-mail.

 

By opening that file, a person unknowingly activates the virus, which

then uses the computer's e-mail software to send a copy of itself to the

address of any e-mail that arrives.

 

The virus also worms into a computer's hard drive and deletes

information in files created by popular software, including the word

processor Microsoft Word and the spreadsheet program Microsoft Excel.

====================================================================

 

BB comments: One MORE reason to abandon Microsoft and go with Linux.

(Text COM:2397969) --------