Security: Here you Have Virus Wreaks Havoc on Inboxes Worldwide - Who It Affected
(Page 2 of 2 )
Up until now you may have been led to believe that this worm only affected corporate types or those working in offices, but it hit many on their home computers as well. There were actually two versions of the worm; the one that mostly affected offices and other business environments was an e-mail with the subject line “Here You Have” while the body read: "Hello: This is The Document I told you about, you can find it here" and included a link that appeared to be a PDF document.
The second version of the worm is what lured in a majority of home users. The e-mail subject line was “Just For You” and the body of the e-mail read: "This is The Free Download Sex Movies, you can find it Here." Is the wording a bit bizarre? Yes. Are many of us apt to click on random links to “sex movies?” No, but keep in mind that the worm was able to send these e-mails so that it appeared as if they were coming from someone already in the victim’s contact list, which made them all the more believable.
If the user clicked the link, they effectively downloaded the virus and in turn, it would spread to the contacts in their e-mail account and continue to propagate. Though it was a worm, McAfee actually classified “Here You Have” as a virus because according to their research, it also attempted to stop and delete security services. Once the threat copied itself to another computer, it would be launched, and it will continue to spread if a user even opens the folder that contains the threat on a new computer.
Aside from the obvious advice administered by McAfee, which was basically, “If you receive the messages, delete them without clicking the link,” what else can the public do to protect themselves from a similar attack? Thankfully, there are many options.
The Department of Homeland Security's Computer Emergency Readiness Team (US-CERT) recommends that computer users be extra cautious with their e-mail. This means that users should not click on links in unsolicited e-mails, open e-mails from unknown contacts, or open e-mails that have odd or generic subject lines, such as “Here You Have.” Your best bet for staying safe online, however, is to install anti-virus software and frequently update it. Also, users should turn off an option on their computer that automatically downloads attachments.
Security experts from Norton are quick to recommend a few more seemingly extreme steps users should take, such as disconnecting infected computers from their local network and disabling network sharing. Also, if you were one of the unlucky thousands (perhaps millions) that received the notorious “You You Have” virus, Norton also suggests blocking outbound traffic to the domains or IP addresses contained in the e-mail in order to prevent connecting to distribution sites for download.
The best, and easiest, way to protect yourself is something we’ve already touched on, but deserves repeating: run an anti-virus program on your computer and make sure it's up to date. Shortly after news of the virus spread far and wide, PCMag.com security analyst Neil J. Rubenking wrote a now notorious entry on his Security Watch blog: "People! DO NOT click links in e-mail messages from unknown people. DO NOT even click links in e-mail messages from your friend, since the real source of the message might be a virus. DO keep your computer protected with an antivirus or a security suite, that way if you click the wrong link in a fit of weakness, you'll still be protected from whatever new threat replaces 'Here You Have.'" Truer words have never been spoken (or blogged).
| DISCLAIMER: The content provided in this article is not warranted or guaranteed by Developer Shed, Inc. The content provided is intended for entertainment and/or educational purposes in order to introduce to the reader key ideas, concepts, and/or product reviews. As such it is incumbent upon the reader to employ real-world tactics for security and implementation of best practices. We are not liable for any negative consequences that may result from implementing any information covered in our articles or tutorials. If this is a hardware review, it is not recommended to open and/or modify your hardware. |