Symantec - asia pacific
 global sites
products
purchase
service and support
security updates
downloads
about symantec
search
feedback


© 1995-2006 Symantec Corporation.
All rights reserved.
Legal Notices
Privacy Policy
press centre

Symantec upgrades virus threat level of W32.SirCam.Worm@mm worm from 3 to 4


KUALA LUMPUR -- July 20, 2001 --

Date:

July 20, 2001

 

WHAT:

Due to the increased rate of submission, researchers at the Symantec AntiVirus Research Centre (SARC) have upgraded the threat level of W32.Sircam.Worm@mm from 3 to 4.

W32.Sircam.Worm@mm is a worm which is network aware and has email spreading capabilities.

The worm is particularly dangerous because it cannot be identified by the subject line and message, therefore filtering for subject lines and attachments is ineffective.

The worm can arrive as an email message or from another machine on the network.

Subject: The subject of the email will be random, and will be the same as the file name of the attachment in the email.

Message: The message body will be semi-random, but will always contain one of the following two lines (either English or Spanish) as the first and last sentences of the message.

Typically the Spanish version will feature:

First line: Hola como estas ?

Last line: Nos vemos pronto, gracias.

The English version will feature:

First line: Hi! How are you?

Last line: See you later. Thanks

RECOMMENDATIONS/ PROTECTION:

Symantec customers can repair damage caused through the detection function within Norton AntiVirus. Definitions are currently available via LiveUpdate or from the Symantec website at www.sarc.com

The latest information on the worm is available at;

http://www.sarc.com/avcenter/venc/data/w32.sircam.worm@mm.html

PAYLOAD:

The payload is activated on the 16th of October of any given year and will delete all files on the computer.

ABOUT SYMANTEC ANTIVIRUS RESEARCH CENTRE

(SARC):

SARC is one of the industry’s largest dedicated teams of virus experts. With offices located in the United States, Japan, Australia and the Netherlands, the sun never sets on SARC. The centre’s mission is to provide swift, global responses to computer virus threats, proactively research and develop technologies that eliminate such threats and educate the public on safe computing practices. As new computer viruses appear, SARC develops identification and detection for these viruses and provides either a repair or delete operation, thus keeping users protected against the latest virus threats.

ABOUT SYMANTEC:

Symantec, a world leader in Internet security technology, provides a broad range of content and network security solutions to individuals and enterprises. The company is a leading provider of virus protection, firewall and virtual private network, vulnerability management, intrusion detection, Internet content and e-mail filtering, remote management technologies and security services to enterprises around the world. Symantec’s Norton brand of consumer security products leads the market in worldwide retail sales and industry awards. Headquartered in Cupertino, Calif., Symantec has worldwide operations in 37 countries. For more information, please visit our Web site at www.symantec.com.

NOTE TO EDITORS: If you would like additional information on Symantec Corporation and its products, please view the Symantec Press Centre at http://www.symantec.com/region/au_nz/PressCenter/ on Symantec's Web site.