Create or retrieve your password by clicking here

Computer Virus Information Update for NTA Members

August 22, 2003

Computer Virus Information Update for NTA Members
NTA is aware that computer viruses are affecting many of our members. We want to help you better understand some of the issues related to this latest ‘virus’ attack, so we are sending these definitions and explanations of how viruses affect your computer and network systems. At the end of this story, we have suggested a few programs you may use to protect your system. And remember, this is NOT a worm targeting only the travel industry; rather it is a mass-mailing worm that can affect nearly anyone.

What is a Virus? A virus is a manmade program or piece of code that causes an unexpected, usually negative, event. Viruses are often disguised games or images with clever marketing titles such as "Me, nude."

What is a Worm? Computer Worms are viruses that reside in the active memory of a computer and duplicate themselves. They may send copies of themselves to other computers, such as through e-mail or Internet Relay Chat (IRC). You may have received a worm disguised as "Re: Your Details" or "Re: Thank You."

What is a Trojan Horse? A Trojan horse program is a malicious program that pretends to be a benign application; a Trojan horse program purposefully does something the user does not expect. Trojans are not viruses since they do not replicate, but Trojan horse programs can be just as destructive.

What is a Virus Hoax? There are a lot of viruses out there. But some aren’t really out there at all. Virus hoaxes are more than mere annoyances, as they may lead some users to routinely ignore all virus-warning messages, leaving them vulnerable to a genuine, destructive virus. Next time you receive an urgent virus-warning message, be sure to check the list of known virus hoaxes below. Remember: Never open an e-mail attachment unless you know what it is – even if it’s from someone you know and trust. Remember that virus writers can use known hoaxes to their advantage. For example, AOL4FREE began as a hoax virus warning. Then somebody distributed a destructive Trojan attached to the original hoax virus warning! The lessons are clear: Always remain vigilant and never open a suspicious attachment.

Many people use the term Virus to refer only to non-replicating malicious programs, thus making a distinction between Trojans and viruses.

The latest threat is a new variant of W32/Sobig. W32/Sobig.f@MM is a High Risk mass-mailing worm. It arrives as an e-mail attachment with a .pif or .scr extension. When run, it infects the host computer, and then e-mails itself to harvested e-mail addresses from the victim’s machine. In addition, when it propagates, the worm "spoofs" the "from: field", using one of the harvested e-mail addresses. So exercise care when opening e-mails with attachments. An infected e-mail can come from addresses you recognize. This is why many of you are receiving e-mails from fellow travel industry professionals.

Because it sends so many e-mails, a worm like Sobig also saps bandwidth and slows network performance. Worse, it can also open up a user’s computer port, making it vulnerable to hackers, who can plant dangerous Trojans. These malicious programs often let unauthorized users remotely take over a system, steal personal information or use the infected PC to send spam.

To aide in protecting your systems from these attacks, it is recommended that you install anti-virus software and maintain your updates for Microsoft Operating Systems. Two recommended vendors for anti-virus software are Norton’s Antivirus by Symantec and McAfee Antivirus by Network Associates.

For additional information go to Network Associates at nai.com or Symantec at symantec.com, which were used to compile this material.

« »