On the same day a new e-mail worm was found masquerading as a missive from Microsoft’s technical support, the software giant announced it would partner with Network Associates
and Trend Micro
to tackle high-risk viruses.
The companies said the Virus Information Alliance (VIA) would create a
special Web-based repository for information on viruses affecting
Microsoft’s technology. Financial terms of the three-way deal were not
Microsoft said it would host the repository in its TechNet security site.
The companies said that, as founding members of Microsoft’s VIA, Network Associates and Trend Micro would work to help educate and protect Microsoft customers against the threat of malicious code attacks as well as emerging Internet threats.
The alliance comes in the wake of warnings from anti-virus firms Monday
of a new e-mail worm (W32/Palyh-A) that pretends to come from
[email protected] and contains the message text “All information
is in the attached file”.
from Mass.-based Sophos said the mail contains an attached file that
is a Windows program with a ‘PIF’ extension.
“If users open the attachment
then they will infect themselves immediately. W32/Palyh-A copies itself to
the Windows folder, scoops up email addresses it finds on the user’s hard
disk, and then starts sending itself out by email,” the company warned.
“Microsoft technical support does not send out files in this way, and
users should think twice before they click,” Sophos executive Chris Belthoff
Security Response unit, which is also mon
itoring the virus, said the worm is programmed to deactivate itself on
May 30, 2003.
The discovery of the W32/Palyh-A worm comes just days after the ‘Fizzer’ virus
was detected wreaking havoc on e-mail inboxes and on the Kazaa P2P network.
The ‘Fizzer’ virus was considered especially dangerous because it contained
a backdoor that used mIRC (Inter Relay Chat) to communicate with a remote
attacker and a keystroke-logger that recorded all keyboard strokes in a
separate log file.