'NAKEDWIFE' trojan worm strikes

Trend Micro began getting reports of the trojan worm that spreads through e-mail at 8am PST Tuesday, as nine US organisations, including a telecommunications company and a government agency, reported the worm, said Susan Orbuch, a company spokeswoman. The worm is currently in the wild and is rated a "medium" security risk by Trend Micro, she said.

"It would go to a red alert if we went to other regions of the world," Orbuch said. "Right now, we are only getting reports from the US"

McAfee, a division of Network Associates, also reported that 25 corporate clients, including Fortune 500 companies, had identified the trojan worm and the company rated it a "high risk." Computer Associates and Central Command also reported the worm.

The trojan worm is spread through Microsoft Outlook, sending an e-mail to every e-mail address in the infected user's address book, security firms said. The worm is known as NAKEDWIFE, W32/Naked@MM, W32.HLLW.JibJab@mm.

When the trojan is executed, it displays a "Flash" window that states "JibJab loading." While the file loads, the trojan deletes DLL (Dynamic Link Library), INI (initialisation files), EXE (execution files), BMP (picture files) and COM (resource) files in the Windows and system directories, according to Trend Micro. In other words, the worm deletes files used for everyday computer operation, Orbuch said.

The trojan, which was written in VBS (Visual Basic Script), sends out the same mail as an e-mail attachment. The mail has a subject line that reads "FW: Naked Wife." It has a message body that reads "My Wife never look like that :), Best Regards." The attachment is named NakedWife.EXE.

After the e-mail is sent out, the trojan then displays another message.

"You're now (F-----!) (c) 2001 By BGK (Bill Gates Killer)," the message reads, according to Trend Micro.

A bit of "social engineering" is going on with worms like the NakedWife worm, Orbuch said. Some users are intrigued by the title and open it, she said.

"I step back and say 'Why are people opening files that say 'NakedWife'" at work, Orbuch said.

Companies should consider security measures that eliminate EXE and VBS files gaining access to a corporate network, she said. Users also should know they should not open the attachments, she said.

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

James Evans

PC World
Show Comments

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

David Coyle

Brother PocketJet PJ-773 A4 Portable Thermal Printer

I rate the printer as a 5 out of 5 stars as it has been able to fit seamlessly into my busy and mobile lifestyle.

Kurt Hegetschweiler

Brother PocketJet PJ-773 A4 Portable Thermal Printer

It’s perfect for mobile workers. Just take it out — it’s small enough to sit anywhere — turn it on, load a sheet of paper, and start printing.

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?