SAN FRANCISCO (Reuters) – A new e-mail virus started spreading to corporate computers on Friday and is headed for home computers, but computer security experts said they expect the outbreak to wind down over the weekend.
Anti-virus software maker Trend Micro said tens of thousands of its corporate computer users in France and Germany had been hit by the virus, dubbed “Mimail.C.”
The e-mail was spreading quickly because it spoofs e-mail addresses in a computer address book, making it appear as if the virus-carrying e-mail comes from a friend or co-worker, said Raimund Genes, European president of Trend Micro.
Trend and Network Associates Inc. rated the virus a “medium” threat, upgrading it from a low-level threat because of the large number of infections being reported within a short time, according to Vincent Gullotto, vice president of Network Associates’ anti-virus response team.
The virus arrives in a zip, or compressed file, in an e-mail with a subject line of “our private photos.” The text in the body of the message says: “All our photos which i’ve made at the beach….” and is signed “Kiss, James.”
When the recipient opens the zip file and then the executable file inside that, the virus harvests e-mail addresses from the computer to spread itself further, Gullotto said.
It also sends an unknown type of data to a remote server in what appears to be an attempt to cripple the server in a “denial of service” attack, he said. In such an attack, a remote attacker instructs compromised computers to overload a Web site and take it down temporarily.
The attack appeared to have been targeting four Web sites with the name “darkprofits,” according to Network Associates.