Dear Colleagues, I've just copied this news flash from the MSN site, I've already received happy99.exe but deleted it as soon as I received it. Happy99.exe - I contacted the person who's email system had unwittingly been infected and was completely unaware that the file he had received from a business associate was anything but a belated New Year wish. You receive an email from someone you know, it will not have a subject heading nor will there be a message - just the file attachment. I've been told if you open the file it displays a fireworks display in a small window with the message "Happy 1999". Once you've received the virus, it sends itself out to entries in your email address book without you knowing. Melissa virus description below.... E-mail virus anxiety increases
'Melissa' macro Word attachment called list.doc contains virus/worm that sends copies of itself around Net By Bob Sullivan MSNBC March 28- If you receive an e-mail with the subject line "Important message from ... ," be suspicious. If you open the document, it will send 50 copies of itself to several e-mail addresses it gleans from your personal e-mail. That gives it the ability to propagate very quickly and possibly wreak havoc with e-mail systems on Monday despite a weekend of warnings, according to virus experts. 'We're getting so many reports from across the world., that we know this is going to be a huge problem come Monday,' Katherine Fithen Manager of Carnegie Mellon University's Computer Emergency Response Team IF YOU'VE BEEN infected, don't feel bad - experts think hundreds of thousands of PCs might have been infected in the three days the virus has been "in the wild." Katherine Fithen, manager of Carnegie Mellon University's Computer Emergency Response Team, said the full reach of the virus may become clear Monday when millions of people sit down at their computer terminals for the first time since Melissa emerged. "It's safe to say we're bracing ourselves," she said. The document itself contains a list of 73 pornographic Web sites, along with usernames and passwords for those sites. The virus may have been unleashed on the world Friday - it contains the text "Password List for March 26, 1999." The virus can allow documents to be e-mailed to other people without warning, a potential security breach that should worry businesses and governments, an expert at Carnegie Mellon University said Saturday. "Melissa" spreads via infected e-mail and attacks computers loaded with Microsoft's widely used Word 97 or Word 2000 programs, according to CERT, which is a Department of Defense-funded computer security team. CERT first heard of the virus Friday afternoon and its members worked through the night to analyze the virus and develop a fix, Fithen said. "We're getting so many reports from across the world., that we know this is going to be a huge problem come Monday," she said. Fithen noted that since CERT was founded 10 years ago, this is only the second time it has considered a virus important enough to warrant a public announcement. The first, in 1994, warned of a virus that allowed computer burglars to collect passwords. SPREADING RAPIDLY CERT has not determined where the Melissa virus originated. Fithen said she is not allowed to say whether any governmental agency has suffered a security breach as a result of Melissa. On Friday, a spokesman from Network Associates said the company received one e-mail every three minutes starting at 8 a.m. from clients complaining about the file. "It's spreading much faster than happy99," he said. About 60,000 users were infected at the company which made the first complaint, said Srivhes Sampath, general manager of McAfee Online. "It pretty much brings mail systems to a halt ... We've never seen anything spread like this." The Melissa macro is spreading so fast for two reasons; it sends 50 copies of itself out after it infects a user; and, it is often able to fool potential victims into thinking the mail came from a trusted source. "It pretty much brings mail systems to a halt ... We've never seen anything spread like this." Srivhes Sampath McAfee After infecting a user, the macro reads the victim's registry and gleans the user's name. It then sends 50 copies of itself to e-mail addresses included in that user's address book. The subject line of those mails includes the infected user's name (it reads "Important message from [user name]"), which often tricks potential victims into trusting the message and opening the attached document, according to Network Associates. The user does not know he or she is infected until an e-mail recipient complains. "Word/Melissa written by Kwyjibo," is the text that accompanies the macro. The author also pokes fun at virus writers who he or she expects will argue about the exact classification of the pest, as often happens. "Works in both Word 2000 and Word 97. Worm? Macro Virus? Word 97 Virus? Word 2000 Virus? You Decide!" Kwyjibo appears to be a reference to a "Simpsons" TV show episode in which Bart Simpson wins a Scrabble game by spelling out the word Kwyjibo. The virus also includes a line from that episode: "Twenty-two points, plus triple-word-score, plus fifty points for using all my letters. Game's over. I'm outta here." The Associated Press contributed to this report. Go to http://www.msnbc.com/msn/253803.asp for more links on how to remove thses viruses. Edward Fitzgerald International Approvals Consultant Direct Tel. : +44 1202 20 09 22 GSM Tel. : +44 4685 33 100 European Technology Services Specialist Global Compliance Consultancy Offices in Australia, Canada and the UK http://www.ets-tele.com --------- This message is coming from the emc-pstc discussion list. To cancel your subscription, send mail to majord...@ieee.org with the single line: "unsubscribe emc-pstc" (without the quotes). For help, send mail to ed.pr...@cubic.com, j...@gwmail.monarch.com, ri...@sdd.hp.com, or roger.volgst...@compaq.com (the list administrators).
