People should be wary of a new variant of the W32.Magistr.A@mm virus, says security specialist Arjen de Landgraaf.
The new version, W32.Magistr.B@mm virus - also known as W32.Magistr.39921@mm – is an improved and more stable version of the W32.Magistr.A@mm he says.
“It can infect more computers connected to a network because it looks for more Windows directory names than the previous version.”
De Landgraaf says a Zone Alarm firewall will be ineffective against it because it will look for Zone Alarm and disable it.
The email subject line is random and the attachment “could be anything – any attachment is risky".
De Landgraaf recommends opening suspicious attachments in text editor or notepad.
The virus first appeared in the US on September 4 (September 5 New Zealand time), de Landgraaf says, but he was unaware of it causing any damage.
W32Magistr.B@mm infects all portable executable (PE) files on a hard disk, except .exe and .scr files with names beginning with the GRPC string, he says.
According to Symantec, the virus uses Windows and Eudora address book files, the Outlook Express sent items folder and Netscape sent items files.
It also overwrites hard drives, erases CMOS, flashes (updates) the BIOS, and has the ability to send confidential Microsoft Word documents, Symantec’s website says.