Edited/Distributed by HURINet - The Human Rights Information Network
---------------------------------------------------------------------
## author : istuber@undelete.org
## date : 24.09.01
---------------------------------------------------------------------
Monday September 24, 7:26 pm Eastern Time
Press Release
SOURCE: Computer Associates International, Inc.
Computer Associates Advises of New Email-Borne Virus That
Exploits Recent Terrorist Events
'Win/Vote' Virus Takes Advantage of September 11 Tragedy To
Trick Users Into Infecting Computer Files
ISLANDIA, N.Y., Sept. 24 /PRNewswire/ -- Computer Associates
International, Inc. (CA) today advised of a new computer
virus that uses the September 11 terrorist attacks to induce
unsuspecting users to open an email attachment and trigger
the virus.
CA is classifying this mass mailer virus as medium- to
high-risk because of its strong social engineering
techniques, which will enhance the likelihood of its being
propagated via Microsoft Outlook and spreading its
destructive payload.
The email carrying the virus has certain characteristics
that make it easy to recognize:
Email Subject: "Fwd: Peace BeTweeN AmeriCa And IsLaM!"
Email Body: Hi
iS iT A waR Against AmeriCa Or IsLaM !?
Let's Vote To Live in Peace!
Attachment: WTC.exe.
The virus payload consists of dropping two Visual Basic
Script files and registry modifications so that the scripts
will run on Windows startup.
The first script attempts to overwrite HTML/HTM files on
local and network drives with the text string ``AmeRiCa . .
. Few Days WiLL Show You What We Can Do!!! It's Our Turn.''
The second script makes modifications to the autoexec.bat
file, so that if the user reboots, all files in the Windows
directory will be deleted and the C: drive reformatted.
``What's particularly troublesome is that people are
clicking on the attachment because they think they may be
voting for or against a war,'' said Barry Keyes, vice
president, eTrust solutions, CA. ``While using social
engineering to trick computer users isn't a new tactic, this
virus is likely to be fairly effective if users are not
adequately warned of the damage it can do. We encourage
corporate administrators and home users to take immediate
action to protect their computing environments with the
latest signature updates.''
CA's eTrust global antivirus researchers have released a new
signature for its award winning antivirus solutions --
eTrust InoculateIT, eTrust Antivirus and eTrust EZ
Antivirus. Additional information is available at
http://ca.com/virusinfo.
About Computer Associates
Computer Associates International, Inc. (NYSE: CA - news)
delivers The Software That Manages eBusiness. CA's
world-class solutions address all aspects of eBusiness
process management, information management, and
infrastructure management in six focus areas: enterprise
management, security, storage, eBusiness transformation and
integration, portal and knowledge management, and predictive
analysis and visualization. Founded in 1976, CA serves
organizations in more than 100 countries, including 99
percent of the Fortune 500 companies. For more information,
visit http://ca.com.
All trademarks, trade names, service marks, and logos
referenced herein belong to their respective companies.
SOURCE: Computer Associates International, Inc.
========== HURIDOCS-Tech listserv ==========
Send mail intended for the list to <huridocs-tech@hrea.org>.
Archives of the list can be found at: http://www.hrea.org/lists/huridocs-tech/
To subscribe to the list, send a message to <majordomo@hrea.org>,
with the following text in the message: subscribe huridocs-tech
To unsubscribe from the list, send a message to <majordomo@hrea.org>,
with the following text in the message: unsubscribe huridocs-tech
If you have problems (un)subscribing, contact <owner-huridocs-tech@hrea.org>.
[Reply to this message] [Start a new topic] [Date Index] [Thread Index] [Author Index] [Subject Index] [List Home Page] [HREA Home Page]