Trend Micro warns rampant Swen worm yet to peak

Security vendor Trend Micro claims the mass mailing Swen worm - which has wreaked havoc across the BigPond network -- is likely to make the top 10 list of viruses for 2003, following a dramatic surge in activity across the Internet.

Trend Micro managing director Chris Poulos said while the vendor can't put a quantifiable figure on the number of e-mails infected with the Swen worm being received by its customers, the company has had reports that several of its large corporate customers have received in excess of 50,000 infected e-mails so far.

Both Poulos and newly appointed product marketing manager Clive Wainstein said the worm continues to pick up intensity, and hasn't reached its peak yet.

"We're finding there is an increase with corporations picking this virus up at their gateways," Wainstein said.

The Swen worm (also referred to as Win32.Swen.A), which was first detected by security vendors on 18 September, is disguised as a Windows update bulletin e-mail from Microsoft. The e-mail features an attachment, with either a .com, .scr,.bat,.pif or .exe file extension. Once activated, the worm copies itself to the computer user's Windows directory, and propagates by targeting e-mail addresses listed in the directory.

Poulos said that although Swen is very similar to the Sobig.F virus in that both are mass mailing worms, "Swen is more clever in social engineering."

"The worm has a very authentic Microsoft Web page, and the attachment masquerades as a security update."

In addition, the Swen worm is different to the Sobig.F worm variant in that it does not target addresses from the user's e-mail address book, but collects addresses through the computer's directory.

Overall, Poulos said there has been a massive surge in virus activity over the past one and a half to two months. Poulos added his "gut feeling" on this year compared to last year is that virus activity has roughly doubled.

The worm is currently at the centre of Telstra BigPond's ongoing e-mail service disruptions. The telco announced on Thursday that the worm had largely contributed to a 20 to 30 per cent increase in the number of e-mails received across its BigPond service, resulting in massive delays in customers receiving and sending e-mails from their BigPond accounts over the past week.

According to Telstra, almost all of its BigPond customers have been affected by the worm - a total of nearly 1.5 million users.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.
Nadia Cameron

Nadia Cameron

PC World
Show Comments

Most Popular Reviews

Latest Articles


PCW Evaluation Team

Cate Bacon

Aruba Instant On AP11D

The strength of the Aruba Instant On AP11D is that the design and feature set support the modern, flexible, and mobile way of working.

Dr Prabigya Shiwakoti

Aruba Instant On AP11D

Aruba backs the AP11D up with a two-year warranty and 24/7 phone support.

Tom Pope

Dynabook Portégé X30L-G

Ultimately this laptop has achieved everything I would hope for in a laptop for work, while fitting that into a form factor and weight that is remarkable.

Tom Sellers


This smart laptop was enjoyable to use and great to work on – creating content was super simple.

Lolita Wang


It really doesn’t get more “gaming laptop” than this.

Featured Content

Product Launch Showcase

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?