The mass-mailing Fizzer worm, which was discovered at the end of last week, is likely to be around for a long time, security experts have warned. Internet security firm MessageLabs said the virus, which has already reached a peak of one in 474 e-mails to date, is “particularly unpleasant”, because its ability to spread quickly across the web. “Although perhaps not as prevalent in these initial stages as other notable outbreaks such as Klez or Bugbear, Fizzer is certainly likely to be around for a long while,” the company said yesterday (12 May). This morning (13 May), MessageLabs said it had intercepted almost 50,000 e-mails infected with the Fizzer virus, which has been classed as medium risk. Fizzer, which spreads via e-mail and the Kazaa peer-to-peer (P2P) file-sharing network, can update itself via download from a geocities website, said security firm Trend Micro. The worm, which arrives as a file attachment with an .EXE, .PIF, .COM, or .SCR extension, has an SMTP engine, which it uses to send copies of itself via e-mail. It obtains recipients from addresses found in Window Address Book. Fizzer was first detected in the Far East, but it would seem it was created by someone with a good knowledge of German given the use of dialect within the subject line, Trend Micro said. English is also used in the subject line, and in the main body of the e-mail. Full Story
About OODA Analyst
OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.