RealTime IT News

It's That Time: 'Happy New Year' Worms

Once again an e-mail worm with the title 'Happy New Year' is making the rounds.

VeriSign's iDefense security unit is reporting on the emergence of a 2007 variant Happy New Year worm. According to Ken Dunham, director of the Rapid Response Team at iDefense, the Happy New Year worm is being heavily seeded at a rate of up to five e-mails per second.

To achieve the rapid seed rate, iDefense has estimated that there are more than 160 e-mail servers currently sending the maliciously intentioned New Year's greeting.

Like many worms, user interaction is required in order for any harm to occur. Clicking on the message will result in two rootkits being installed on the victim's machine.

The rootkits serve to protect malicious code variants from a number of different worm-code families. The victimized PC can then be turned into a host for spamming the Happy New Year worm to others.

"The period of greatest risk is through the New Years holiday, when antivirus protection is the lowest for this new threat and users are most apt to click on a 'New Year's' related message," Dunham said. "Everyone should be on guard for e-mails and other content potentially harboring malicious code during the holiday period."

The 2007 Happy New Year worm is called Luder.A by antivirus vendor F-Secure, which has also issued an advisory on the worm.

Whatever the technical name is for the 2007 Happy New Year worm, it is neither the first (nor likely the last) worm to be called "Happy New Year."

As far back as 1999, potential "Happy New Year" e-mail threats have been circulated on the Internet. One 1999 threat was labeled as a hoax by security vendor Symantec.

But hoax or not, worm or virus, malicious "Happy New Year" e-mails have existed in one form or another. Looks like when it comes to e-mail threats in 2007, they're going to party like it's 1999.