Netsky.p Reaches Medium Threat

The latest variant of the worm reportedly has infected at least one large European company.

InformationWeek Staff, Contributor

March 22, 2004

2 Min Read

The latest variant of the Netsky virus was rated a medium threat Monday, and reportedly infected at least one large European company.

Netsky.p, the 16th variant of the Internet worm, takes advantage of a vulnerability in Microsoft Internet Explorer 5.01 or 5.5 without Service Pack 2. The variant is the first of the Netsky line capable of executing without the PC user clicking on an attachment, antivirus experts said.

Network Associates Inc. and Symantec Corp. rated Netsky.p a medium risk.

Network Associates has received more than 100 reports of the worm from customers and virus-generated E-mails. A worm is a type of virus that opens a backdoor in a PC, making it possible for a hacker to take control of the machine to distribute spam, launch a denial-of-service attack, or steal passwords to Internet accounts.

Netsky.p infected at least one large European company, but it was confined to a few hundred machines.

"The company is as large as a Fortune 500 company in Europe," said Vincent Gullotto, a virus expert at Network Associates who declined to identify the company. "It wasn't a widespread outbreak, and the company is still in operation."

Netsky.p is troublesome because the virus can be executed without a PC user double-clicking on the attachment. For this to happen, however, the user must have the Microsoft Outlook E-mail client set to display E-mail written in HTML.

Code embedded in the document automatically executes the Zip file containing Netsky.p, which propagates itself by stealing E-mail addresses from the infected machine.

However, virus experts don't expect Netsky.p to become a major threat, primarily because it takes advantage of a vulnerability that Microsoft patched in 2001. Many PC users either have installed the patch or have upgraded to Internet Explorer 6.0.

Netsky.p arrives in E-mails with these subject lines: stolen document, re: hello, mail delivery, private document, re: notify, re: document, re: extended mail system, re: protected mail system, re: question, private document, and postcard.

Netsky is one of three of the most prevalent virus strains on the Internet, along with MyDoom and Bagle.

About the Author(s)

InformationWeek Staff

InformationWeek Staff

Contributor

See more from InformationWeek Staff
Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.
SIGN-UP

You May Also Like

More Insights
Webinars
More Webinars
Reports
More Reports

Editor's Choice

Bald eagles, eagle in flight.
Cyber Resilience
9 Ways CISOs Can Stay Ahead of Bad Actors9 Ways CISOs Can Stay Ahead of Bad Actors
byLisa Morgan
Jul 24, 2024
9 Slides
Binary code concept pattern and big data structure.Net and source code.Abstract background of technology, science and cloud computer.
Data Management
How Much Data Is Too Much for Organizations to Derive Value?How Much Data Is Too Much for Organizations to Derive Value?
byCarrie Pallardy
Jul 22, 2024
11 Min Read
CrowdStrike Holdings, Inc. logo is displayed on a smartphone screen.
Cyber Resilience
CrowdStrike Aftermath: Lessons Learned for Future RecoveryCrowdStrike Aftermath: Lessons Learned for Future Recovery
byJoao-Pierre S. Ruth
Jul 24, 2024
6 Min Read
Calculator displaying the text "SALARY" on top of $100 bills.
IT Leadership
2024 InformationWeek US IT Salary Report: Profits, Layoffs, and the Continued Rise of AI2024 InformationWeek US IT Salary Report
byInformationWeek Staff
Jun 4, 2024
1 Min Read
Digital Security and Threat of a System
IT Leadership
11 Ways Cybersecurity Threats are Evolving11 Ways Cybersecurity Threats are Evolving
byLisa Morgan
Jun 13, 2024
11 Slides
Webinars
More Webinars
White Papers
More White Papers
Live Events
More Live Events
Reports
More Reports