WOU: UCS: Virus/Spam Information

Page Content   Main Links   Utility Links   Quick Links   Footer

University Computing Services

Common Viruses Seen At WOU

Bagle and Netsky variants continue to appear

Update:Someone is still releasing variants of Netsky, even though the original creator has been arrested.  Even though the rivalry between the makers of Bagle and Netsky seems to have slowed down or ceased, both viruses continue to appear in new variants.  There are now too many to describe here, but since PureMessage seems to be catching them all, they are not a serious threat to WOU users.  See the links to the right for information on new variants.  The latest tactic is not to include a virus attachment at all, but instead to try to trick the user into clicking a link in the message, which will then use security holes in Internet Explorer to download and run the virus.  Several viruses now use this tactic; never click a link in a message unless you were expecting it, even if it seems to come from someone you know.  Remember that From: addresses are easy to fake, and links don't always go to where they claim to go.


This virus spreads by email, using the by now usual address spoofing and zipped attachment strategies.  It is notable only because it tries to take advantage of the holiday season to trick recipients.  It tries to guess the nationality of the recipient based on their email address and will send out its messages in the appropriate language.  The English version has the subject line "Merry Christmas!" and includes the text "Happy Hollydays".  If your email program is capable of displaying colors and images, the message body appears in holiday colors and includes a small animated graphic.   Within the message body it is signed with the same name on the From: address.  Attached is a zipped file with an innocent-looking name such as "postcard.index.gif5627.zip", which is actually the virus.

General Note

Remember, WOU University Computing Services will never send you a program by email and ask you to run it.  If you see anything like this that looks like it is from us, even from one of us that you know personally, it is a trick.  However, new virus variants have been appearing at a rapid rate, so don't trust the virus scanner completely.  The antivirus program on your machine should stop you from opening a virus file even if the email scanner hasn't been updated to detect it yet, but there's still no substitute for common sense.

World-Wide Virus Information

Latest 10 virus alerts
17 Jul JS/FeebsZip-Fam
17 Jul W32/Feebs-AX
17 Jul Troj/Banker-CZP
17 Jul Troj/Dloadr-AJB
17 Jul Troj/Riler-T
17 Jul Troj/Agent-CIG
16 Jul W32/Alcra-E
16 Jul Troj/Squatbot-A
15 Jul Troj/Banloa-AKE
14 Jul Troj/SpyDldr-L
Source: Sophos Anti-Virus
Add this info to your website

Top 10 viruses in June 2006
1 W32/Netsky-P
2 W32/Mytob-AS
3 W32/Nyxem-D
4 W32/Mytob-P
5 W32/Mytob-M
6 W32/Zafi-B
7 W32/Bagle-Zip
8 W32/Netsky-D
9 W32/Mytob-C
10 W32/MyDoom-O
Source: Sophos Anti-Virus
Add this info to your website


University Computing Services 503-838-8154 | or e-mail: webmaster@wou.edu

Assistive Options

Top of page

Assistive Options

Open the original version of this page.

Usablenet Assistive is a Usablenet product. Usablenet Assistive Main Page.