e-greetings for the New Year: Watch out!

by CXOtoday Staff    Jan 02, 2007

A new e-mail worm has been circulated with the subject line ‘Happy New Year’. It requires users to click on the attachment ‘postcard.exe’ that causes the damage. On clicking it, several malicious code variants namely Tibs, Nwar, Banwarum, Glowa etc. will be installed on the computer. After this is done, mass mailing from the affected machine is executed.

It is reported that all the e-mails have a common user agent, namely Thunderbird 1.5.09.

VeriSign’s iDefense Labs, a research hub that investigates cyber threats and alerts users, has found a network that sends out five e-mails per second with the worm.

Although, clicking on attachment does harm, the security firm feels that potential damage can only be done because of the subject line. It is already started warning people from clicking on messages, which can be mistaken as belonging to their relatives. The subject lines and the executable names keep changing. The reported name variants include ‘greetingcard.exe’ , ‘greetingpostcard.exe’ among others. The subject lines include Annual Fun Forecast, Baby New Year, Best Wishes For A Happy New Year, Fun 2007, Fun Filled New Year.