Security experts reported no widespread damage Friday morning from a new e-mail which claims a virus is a Internet Explorer 7 Beta 2 download. The reason you are reading about this one and not another is because the e-mail includes a convincing blue Microsoft-style graphic and the virus is delivered when recipients click on the linked graphic rather than in an attachment, which makes it harder to stop it from reaching in-boxes. Warn your less tech-savvy friends. The e-mails carry the subject line "Internet Explorer 7 Downloads" and appear to come from admin@microsoft.com. The file, called IE 7.exe, is actually a new virus called Virus.Win32.Grum.A, and security experts were still analyzing it Friday to see what it does.
Sophos PLC said it can spread by e-mailing itself to contacts in a user's address book. The virus tampers with registry files to ensure it gets installed, and it tries to download additional files from the Internet, said Graham Cluley, a senior technology consultant for Sophos. "We don't know anything yet about where it is coming from. It's fairly well made and hard to analyze with normal tools," said Mikko Hypponen, chief research officer at F-Secure Corporation. F-Secure had received many reports of the e-mail but few submissions of the virus itself, indicating that damage so far is limited. Cluely agreed: "I wouldn't classify this as one of the biggest viruses of the year, but that doesn't mean it isn't a threat." The virus is being hosted on several servers around the world, which will increase the time it takes to identify and clean them all. They appear to be Web servers that have been hacked, Hypponen said.
News source: PC World
9 Comments - Add comment