Shockwave virus upgraded to high risk

Anti-virus company McAfee said it received as many as 50 reports of the virus within 24 hours, prompting the Network Associates subsidiary to upgrade the virus from medium risk to high risk late Friday afternoon.

Trend Micro is also seeing increased incidents of the virus, which arrives in an e-mail bearing the subject line "A great shockwave flash movie." Trend Micro received reports of the worm Friday from nine Fortune 500 companies in the US, Europe and Asia, as well as numerous smaller companies, officials said.

The worm, which first appeared Thursday, is delivered to users in the form of an e-mail attachment that appears to be a Shockwave Media Player. When a user tries to view the fake movie attachment, the worm sends a copy of itself to all people in the address book of the user's Microsoft Outlook email program, potentially clogging e-mail networks.

The worm doesn't destroy files on a user's computer but renames all files of the ".jpeg" and ".zip" type and moves them to the PC's root directory, said Patrick Nolan, a virus researcher with McAfee's Anti-Virus Emergency Response Team (AVERT).

There doesn't appear to be a pattern to the industries that have been affected by the virus, which include companies in the manufacturing, banking, healthcare and retail sectors, officials at both Trend and McAfee said.

While the worm doesn't delete files, it can clog networks and take e-mail servers offline. Cleaning up files that have been relocated and renamed could also waste considerable time, Nolan said.

Anti-virus vendors have long been warning users not to open attached files of the ".exe" type. One reason the Creative.exe virus may be spreading so quickly is that uses the Shockwave Flash movie icon. Users tend to trust familiar icons they see on their computers, and virus writers are starting to play off that trust, a spokeswoman for McAfee said.

"This could be setting a new trend in virus writing," she said.

The virus hasn't caused as much damage as the notorious "I Love You" virus, which reached millions of computers in May this year and wreaked havoc at corporations around the globe. The ability of "I Love You" to delete files, and the fact that it spread so rapidly, earned it McAfee's highest risk assessment -- "high risk - outbreak." The Shockwave virus is currently rated at high risk, one step below.

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

James Niccolai

PC World
Show Comments

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

David Coyle

Brother PocketJet PJ-773 A4 Portable Thermal Printer

I rate the printer as a 5 out of 5 stars as it has been able to fit seamlessly into my busy and mobile lifestyle.

Kurt Hegetschweiler

Brother PocketJet PJ-773 A4 Portable Thermal Printer

It’s perfect for mobile workers. Just take it out — it’s small enough to sit anywhere — turn it on, load a sheet of paper, and start printing.

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?