- A pair of antivirus companies is warning users to look out for an email worm that could allow attackers to take over their machines and try to damage firewall and security programs.
Santa Clara, California-based Network Associates' McAfee.com unit and Cupertino, California-based Symantec are both warning computer users to watch out for an email message with a subject line: "Thoughts..."
Inside, users find a short note reading: "I just found this program, and, i dont know why... but it reminded me of you. check it out." Inside the message is an attachment called Cute.exe.
Statements released by both Symantec and McAfee say the package will unleash a Trojan horse worm that will look for security programs inside a user's machine and attack them. Both companies have labeled the worm a "low" risk and offer instructions on their websites on how to remove it.
The program will also allow attackers to do the following:
-- Send instant messages from an infected machine using either MSN Messenger or AOL Instant Messanger
-- Send email
-- Initiate denial-of-service attacks
-- Access, move, copy or delete files
-- Access, move, copy or delete file transfer protocol files
The program will copy itself to the Windows directory and create two registry keys, according to McAfee's statement. Two INI keys are also created. Then "the worm looks for E security programs (including antivirus and firewall programs) in memory and terminates them if found," the statement said.