A worm with high damage potential is spreading across the Internet, with initial outbreaks Monday in Europe and Asia, Trend Micro Inc. said.
The Lovgate.C worm, a variant of an earlier worm with the same name, propagates itself by replying to e-mail in a user’s inbox with an attachment containing the bad code, Trend said. It then installs a backdoor port that allows a remote user to access and modify files on an infected user’s system.
The self-replicating worm spreads through network-shared folders and subfolders as well as through the traditional method of an unsuspecting user clicking on an attachment.
Trend Micro provided an example where a legitimate e-mail sent to an infected user, concerning something business-related, is replied to by the worm with the message, “I’ll try to respond as soon as possible. Take a look to [sic] the attachment and send me your opinion!” Users will often click on this attachment, since it comes from a person they know, Trend said.
Clicking on the attachment sends the malicious code into several executable files on a user’s system.
The worm is affecting users of Microsoft Corp.’s Outlook and Outlook Express e-mail programs. The overall risk of the worm is classified as medium at this time, and more details can be found on Trend’s Web site at:
http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_LOVGATE.C