Internet users were warned Monday of a new mass mailer worm that masquerades as an appeal for aid after last month's Indian Ocean tsunami disaster.
The worm carries the subject line "Tsunami Donation! Please help!" and the text message "Please help us with your donation and view the attachment below! We need you!" The attachment, labelled "tsunami.exe," spreads the virus to other internet users, according to security firm Sophos.
Running the attached file also launches a denial-of-service (DOS) attack against German hacking site www.hacksector.de, said Sophos Chief Technology Consultant Graham Cluley. The site appeared to be down Monday morning when Sophos researchers tried to access it, Cluley added.
"This could be a skirmish between two hacker groups," Cluley said.
Sophos has received a small number of reports of the worm, VBSun-A, being found in the wild. It appears to be part of a new trend in internet hoaxes that seek to take advantage of the tsunami tragedy, Cluley said.
Sophos warned last week of a number of email scams related to the tsunami, and similar to the seemingly ubiquitous Nigerian letter scams which seek money from their recipients.
"This is a healthy reminder that people need to be very careful of what they run on their computers," Cluley said, noting that recently he's seen an increase in hoaxes based on recent news events.
Still, 2005 has started as a relatively slow year for new internet viruses, Cluley said. The most prevalent at the moment is Netsky.P, which was first discovered nine months ago, he said.