We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

Sircam worm is spreading

Latest virus displays worrying virus-like properties

Since first being reported last Tuesday, the W32.Sircam.worm computer virus has been infecting computers across the world and spreading rapidly.

The dissemination of the worm has occurred so quickly that antivirus vendor Symantec today upgraded its security warning about the virus, giving it a Category 4 'severe' rating, up from a Category 3 'moderate' level on a scale of 1 to 5. Even the PC Advisor office has been affected.

The Sircam worm carries an executable file that, if opened, sets off an attack on the recipient's PC. The damage can include the deletion of all files and directories on the main hard drive and system performance degradation as hard drive space is filled by errant code carried by the worm, according to Symantec's Antivirus Research Center [sic] in California.

The worm takes a random document from the infected PC and uses that file in the subject line of emails it then sends to people in the victim's address lists. This provides a trojan effect, because there isn't a standard attachment name to look for.

It's curiosity that keeps viruses in circulation. Pete Lindstrom, a security analyst at Hurwitz Group, said the worm is spreading because no matter how many times people are told not to open emailed executable file attachments from senders they don't know, curious recipients open the attachments, allowing viruses to infect their machines and networks.

"There's too much cutesie-wootsie stuff out there" that email recipients want to check out, Lindstrom said. "The lesson here is you can't expect users to learn. There's too much fun going on out there on the internet."

Instead, he said, the onus for protecting against such attacks should increasingly be placed on system email administrators, who can do more to protect users from their own curiosity.

"If e-mail administrators aren't stopping it at the gateway [by plugging known security holes or using software that can detect and defend against such attacks] then it's dereliction of duty on the email administrator's side," Lindstrom said.

Ken Dunham, an analyst with SecurityPortal.com/Atomic Tangerine in California, said the worm is particularly dangerous to corporate networks because it replicates quickly and can clog servers with outgoing mail. "It can cause a denial of service (DOS) or distributed DOS attack," he said. "You can run into real problems with that."


IDG UK Sites

5 reasons not to wait for the Apple Watch: Why you shouldn't buy the iWatch

IDG UK Sites

Why local multiplayer gaming is rapidly vanishing: we look at the demise of split-screen and LAN...

IDG UK Sites

How Emotional Debt is damaging digital design

IDG UK Sites

How to update your iPhone or iPad to iOS 8: including how to install iOS 8 if you don't have room