Website:news.smh.com.au

Date of Publishing:10/9/2010

A new malicious email worm that disables anti-virus software is threatening in-boxes around the globe.

The threat arrives via email and asks the recipient to click on a link embedded in the email.

This link points to a malicious program file that is disguised as a PDF file, hosted on the internet.

Once on the computer, the threat attempts to email a copy of itself to all email addresses found in the infected user's address book.

Symantec, which released the worm alert, says the worm does not affect its anti-virus software.

"The threat also attempts to spread from computer to computer over the local network (to other machines on your home or office network) by copying itself to open drive shares found on other machines on the network," Symantec Corporation said in a statement.

"Once the threat copies itself to another machine, if a user even opens the folder that contains the threat on this new machine, this will launch the threat and cause it to spread further through both email and over shared drives."

The email will read: "Hello: This is The Document I told you about, you can find it Here. . Please check it and reply as soon as possible. Cheers,".

Once the link is followed, it proceeds to download the actual malicious threat W32.Imsolk.B@mm which infects the compromised machine.

Symantec advise computer users to update virus software and avoid clicking on links or attachments in email messages.

The file used in this case is a .SCR file.

Reference:

• THE SYDNEY MORNING HERALD