U.K.-BASED SECURITY SOFTWARE vendor Sophos has warned of a new variant on the Love Bug worm which, as well as infecting users' machines, seems designed to attract the attention of the Echelon surveillance system. Sophos added that it has found just one example of the worm in the wild.

   ADVERTISEMENT
  

Free IT resource

Virtualization Insights from Top Experts - Learn how virtualization gets real!

Sponsored by Dell

Free IT resource

TechNet: More ways to know it, share it, and keep it running.

Sponsored by Microsoft

RELATED LINKS
»  IE 7 bug reopens debate over patch responsibilities
»  Woman ordered to pay for file-sharing will appeal
»  McAfee to buy SafeBoot for $350M
»  Security RSS feed 

IDG ENTERPRISE NETWORK
Research Reports  (CIO)
Ask the Expert  (CIO)

TOP NEWS 


IT SOLUTION SEARCH
Dubbed VBS/LoveLet-CL, the worm creates two copies of itself on the user's hard drive using the file names command.vbs and WinVXD.vbs, and these files are executed every time the computer boots up, according to Sophos. The worm is Visual Basic Script (VBS)-based, and tries to send itself to every address in an infected Outlook user's address book in e-mails with the subject line "!!!", the company said.

Within the worm's code are written numerous comments and code words that Sophos said may be designed to trigger monitoring by the international Echelon system -- possibly in an effort to overwhelm it if the virus becomes widespread. These include "sabotage," "assassination," "booby traps," and "terrorism."

Among the virus' other effects, it searches for files with a range of extensions and overwrites them with itself. It can also propagate itself using mIRC (Internet Relay Chat).