UPDATE: Love Bug virus hits Australia
- — 05 May, 2000 16:56
The worm, known as VBS.LoveLetter.A was only detected yesterday, but has already infected "millions" of systems throughout the world, Jakub Kaminski, virus research manager at Computer Associates' Vet Virus Control Centre in Victoria, said.
"It's hit the whole world. It's very prolific," Kaminski said. " In a matter of hours it had spread from Europe to the Middle East . . . If it hits a big corporation it spreads like fire."
Kaminski said CA's Virus Control Centre began receiving calls on the virus last night and Australian companies cannot expect to be spared from attacks.
"I think we're not discriminated. We'll be hit as hard as anyone else," he said.
Local companies hit by the virus include Gateway, Compuware, Goldman Sachs, EMC and bookseller Dymocks.
According to Dymocks webmaster, Lu Luc, the company's email system was shut down for about an hour this morning after the company was infected by a variant of the virus.
"We've been able to clamp down in it," Luc said, adding that the company had implemented a virus scanner update.
In its original form, the virus is carried as an email attachment with "ILOVE YOU" in the subject line; however, it may also appear in an email with the subject line "fwd: Joke". The variant attachment is labelled "Very Funny.vbs".
"(Fwd: Joke) a new variant of the same stuff . . . it's identical," Kaminsaki said.
According to Kaminiski, both emails activate the virus only if the attachment is launched.
Once activated, the virus sends the infected email to all addresses listed on the recipient's inbox, in addition to replacing some files located across all drives and directories.
Files which may be infected include those with extensions including VBS, VBE, JS, JSE CSS, WSH, ACT, HTA, JPAG, JPEG, MP3 and MP2, Kaminski saidAccording to Kaminski, when it was first detected the virus also had the potential to link to four different websites and download software to penetrate company networks. He said the associated websites are no longer accessible.
Local companies hit by the virus include Gateway, Compuware and Goldman Sachs.
Users receiving the emails are advised to delete the documents before opening or launching the attachment.
Anti-virus updates are available from security experts including Network Associates, Computer Associates, Symantec and PowerQuest.