'Newsletter' worm targets Outlook

Security experts around the world are warning of a new virus that uses Microsoft Outlook e-mail software to replicate itself by sending out mass e-mails that may destroy some Windows files.

The virus, called W32.Yarner.A@mm, emerged yesterday in Europe, where it masquerades as a newsletter published by a German security group Tojaner Info , according to a statement on Trojaner's Web site. (The Web site is in German with no English translation.) The statement said an unknown person started the worm and uses the names of Trojaner staffers, Thomas Tietz and Andreas Ebert, at the end of the message.

According to reports by Abingdon, England-based Sophos Anti-Virus and Cupertino, Calif.-based Symantec Corp., the worm arrives in an e-mail with the subject line "Trojaner Info Newsletter" and the current date. Inside, users find a message in German and an attachment named yawsetup.exe.

The worm then burrows into a user's system and replicates itself via the user's address book and by searching files with the extensions .php, .htm, .shtm, .cgi, and .pl, according to Symantec.

Symantec said the virus can delete files related to Windows but that it's easy to contain and hasn't spread very far.

Bill Pollak at CERT Coordination Center , a security research and information service at Carnegie Mellon University in Pittsburgh, said the group is monitoring the virus but hasn't issued an advisory.

Join the newsletter!

Error: Please check your email address.

More about Carnegie Mellon University AustraliaCERT AustraliaMicrosoftSophosSophos Anti-VirusSymantec

Show Comments
[]