Netsky Internet worm
03 03 2004
Netsky is another mass-mailing worm that arrives as a ‘spoof’ email and sends itself to the email addresses it finds on computer hard drives.
This worm affects Windows 2000, Windows 3.x, Windows 98, Windows Me, Windows NT, Windows Server 2003 and Windows XP
Symantec assess Netsky as ‘Wild’ with fairly widespread distribution. McAfee classify this worm as medium risk for home and business users. The damage it actually causes is fairly minimal but new variants may not so benign.
Anti-virus software such as Norton that supports the worm-blocking functionality will detect this threat automatically as it attempts to spread.
The Netsky worm is relatively easy to block with anti-virus software but removal after a successful attack is not as simple.
The Netsky email appears to be in reply to your email
The subject line can be -
‘Re: Your product’, ‘Re: Your bill’, ‘Re: Here is the document’, ‘Re: Re: Thanks!’ or similarly innocuous topics.
The message may be one of these:
‘Your file is attached.’
‘Please read the attached file.’
‘Please have a look at the attached file.’
‘See the attached file for details.’
‘Here is the file.’
‘Your document is attached.’
The email has an attachment with .pif as the file extension.
Symantec advise - Turn off and remove unneeded services. By default, many operating systems install auxiliary services that are not critical, such as an FTP server, telnet, and a Web server. These services are avenues of attack. If they are removed, blended threats have less avenues of attack and you have fewer services to maintain through patch updates.
For more information about this virus threat and how to deal with it, visit the web site of your anti-virus software provider, such as Symantec (Norton branded products), Surf Control or McAfee.
Please do circulate this notice to your staff so that they are more aware of possible threats to your computer systems
Back to top of page
Click on any of the defining keywords below to search for specific matches: