Enterprises Recover From ‘Here You Have’ Virus

It was a simple spam campaign that got out of control. The lure of some pornographic videos was all it took to start one of the largest email disruptions in recent memory.

As eSecurity Planet reports, the “Here you have” virus accounted for more than 14 percent of all spam messages at its peak late last week, a sign that even though the idea may be simple, getting corporate email systems back in order is anything but.

It would then send the same or a similar spam message to all of the contacts in a victim’s address book, helping the virus to spread geometrically and giving it even more currency because the next crop of potential victims thought it was being sent by someone they knew or trusted.

Considering that 90 percent of all email traffic — 300 billion messages a day — is spam, the fact that this one variant of spam managed to account for more than 14 percent of the total spam traffic attests to the surprising appeal of what are really old-school malware tactics, security researchers said.

While the source of the “Here you have” virus that spread like wildfire throughout corporate email servers around the globe may have finally been shut down, enterprise IT departments are still dealing with the fallout from one of the most virulent and fast-moving viruses in recent history.

According to security researchers at Cisco’s (NASDAQ: CSCO) IronPort division, the “Here you have” email worm peaked Thursday when the sneaky “download-and-run” malware accounted for a staggering 14.2 percent of all spam messages circulating the Internet — or more than 42 billion individual spam messages.

Security software firm Sophos, which identified the malware as W32/Autorun-BHO, said the U.K.-based website responsible for spreading the Windows-based virus was shut down sometime Friday, bringing an end to the upheaval.

Read the full story at eSecurity Planet:


‘Here You Have’ Spam Outbreak Leaves Enterprises Reeling