ExploreZip Virus Hitting Internet, Experts Warn
By Dick Satran
SAN FRANCISCO (Reuters) - Computer security experts warned
Thursday of a new email-borne
computer infection that's spreading over the Internet in a fashion similar
to the widespread Melissa virus.
The new infection, ``called the ExploreZip worm,'' can potentially erase
files from a user's computer, making it inherently more
dangerous than the Melissa virus, which gained notoriety for its ability
to spread quickly but not because it destroyed any data.
ExploreZip is known as a worm, not a virus, because it can't replicate
itself. Computer viruses such as Melissa, which appeared
in March, are written with the capability to reproduce through automation.
But even if it can't reproduce itself, it's spreading quickly, experts
said. Network Associates Inc. (Nasdaq:NETA - news), the
computer security firm, said it gave ExploreZip a ``high risk''
classification because it doubled overnight and has already shown
up on thousands of computers in the United States, France and Germany. The
company said it believes the worm originated in
Israel.
The computer bug is cleverly disguised as an e-mail that appears to be a
response to an earlier message, borrowing a page from
Melissa, which appeared as a benign e-mail and surreptitiously sent
messages to other users.
``I received your e-mail, and I shall reply ASAP,'' the ExploreZip message
reads. ``Till then, take a look at the zipped docs.''
The computer experts warned users to delete that message. Users who
respond by clicking on the attached file will launch the
virus into their computer that will then destroy Microsoft Outlook,
Express and possibly other e-mail related documents.
Leading computer security companies Network Associates
(http://www.nai.com), Symantec Corp. (Nasdaq:SYMC - news)
(http://symantec.com) and Trend Micro Inc. (http://www.antivirus.com) all
have offered virus protection patches that can be
downloaded from their sites to identify and eliminate the bug.
``Apart from the using the anti-virus software, we just recommend that
people not open any file that they can't verify the origin
of,'' said a Network Associates official.
